390d4af9a746ccf36021bcc10cda297a4dbaaebf002ad5207582336d95b3ae91

Sharing

Copy URL Twitter E-mail

General

Target

390d4af9a746ccf36021bcc10cda297a4dbaaebf002ad5207582336d95b3ae91
Size

264KB
MD5

45d81d0812a6c7e07086bd28183431b3
SHA1

5ee49f7bcef3c5cd9af280e3a4e253a1e7300f40
SHA256

390d4af9a746ccf36021bcc10cda297a4dbaaebf002ad5207582336d95b3ae91
SHA512

17a4923709845731c6248b695b53e5c258370606c1f91534eaf0e0e99e55ed8582abdd6d54bd18a3aeb1aff4f9687b03b11eb1438302cd7a387e8efcdc427210
SSDEEP

6144:KDYAloLv4J7apkW02wfMvJFQjIwjF8qQYYl:4hlo74J7/W0bfMvJFQjvjmdJl

Score

N/A

Malware Config

Signatures

Files

390d4af9a746ccf36021bcc10cda297a4dbaaebf002ad5207582336d95b3ae91
.exe windows x86

71385b2cc5a78c91ef976a4cc804c5d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
DeleteCriticalSection
VirtualAlloc
InterlockedExchange
GetLocalTime
GetCurrentProcessId
HeapAlloc
lstrlenA
GetDiskFreeSpaceExA
GetFileSize
SetFilePointer
MapViewOfFile
CreateFileMappingA
HeapFree
UnmapViewOfFile
GetModuleHandleA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetStartupInfoA
TerminateProcess
GetCurrentThreadId
GetSystemInfo
OpenEventA
WaitForSingleObject
CloseHandle
LCMapStringW
LCMapStringA
SetStdHandle
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
HeapCreate
HeapDestroy
Sleep
TerminateThread
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GetEnvironmentVariableA
VirtualFree
HeapReAlloc
SetUnhandledExceptionFilter
SetLastError
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetModuleFileNameA
InterlockedIncrement
RtlUnwind
RaiseException
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetLastError
CreateThread
TlsSetValue
TlsGetValue
ExitThread
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA

user32

GetCursorPos
TranslateMessage
GetMessageA
CharNextA
wsprintfA
MessageBoxA
LoadCursorA
SendMessageA
keybd_event
MapVirtualKeyA
mouse_event
SetCapture
WindowFromPoint
CloseClipboard
SetClipboardData
CloseWindow
IsWindow
PostMessageA
OpenDesktopA
GetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
SetThreadDesktop
DispatchMessageA
ReleaseDC
GetDesktopWindow
GetDC
SetRect
GetSystemMetrics
GetClipboardData
OpenClipboard
EmptyClipboard

advapi32

AllocateAndInitializeSid
GetLengthSid
InitializeAcl
FreeSid
LookupPrivilegeValueA

ws2_32

WSAStartup
WSACleanup
setsockopt
htons
gethostbyname
recv
select
closesocket
send
inet_addr
connect
sendto
htonl
getsockname
socket

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71385b2cc5a78c91ef976a4cc804c5d0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 188KB - Virtual size: 187KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 20KB - Virtual size: 27KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 188KB - Virtual size: 187KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 20KB - Virtual size: 27KB

.rsrc
Size: 32KB - Virtual size: 32KB