40a3859201afc289335b31b6edf0d97db672bf06a4dd7a5352e3feb6a9d55ef7

Sharing

Copy URL Twitter E-mail

General

Target

40a3859201afc289335b31b6edf0d97db672bf06a4dd7a5352e3feb6a9d55ef7
Size

523KB
MD5

c81989cddf7ed51a9214bcf7e174ef6c
SHA1

6dd70c05d2527516aa13771885deba73bab431a5
SHA256

40a3859201afc289335b31b6edf0d97db672bf06a4dd7a5352e3feb6a9d55ef7
SHA512

2f5cf10121633719cc958d0b0b604e4e65c6bed2840c4ae3d048e6dfb5de53745b39c88f376922047502e901c114f02730f8a32f6940e95ec2bb448696dc8692
SSDEEP

12288:mK4VHl2zLAfpxWsKEF6SFOI+Y3Rojc+j:mK4t8oZOI+cRojc+

Score

N/A

Malware Config

Signatures

Files

40a3859201afc289335b31b6edf0d97db672bf06a4dd7a5352e3feb6a9d55ef7
.exe windows x86

dd85565e2f6afccba46302a9e5e8d897

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
SetConsoleActiveScreenBuffer
GlobalWire
GlobalAddAtomA
GetVolumeInformationA
HeapSize
CopyFileA
WritePrivateProfileStructW
CreateEventA
MoveFileExW
GetDateFormatW
FillConsoleOutputCharacterA
LocalFree
GetLocaleInfoW
FileTimeToDosDateTime
FindClose
GetProcessHeaps
SetCriticalSectionSpinCount
EnumCalendarInfoExW
SetFileTime
SetFilePointer
InterlockedCompareExchange
EnumDateFormatsExA
LocalFlags
GetShortPathNameW
CommConfigDialogA
RtlMoveMemory
EnumDateFormatsExW
LocalShrink
WaitForDebugEvent
CreateFileMappingA
AllocConsole
Heap32First
GetStdHandle
GetConsoleTitleW
GetFullPathNameW
HeapDestroy
GlobalMemoryStatus
GetConsoleCursorInfo
InterlockedDecrement
MulDiv
lstrcmp
GetLongPathNameA
RemoveDirectoryW
FoldStringA
lstrcmpi
CreateSemaphoreA
GetSystemTimeAdjustment
WriteProfileSectionW
ResumeThread
GetConsoleTitleA
GetTimeZoneInformation
ReadDirectoryChangesW
GetQueuedCompletionStatus
FindResourceExW
WriteFileEx
MultiByteToWideChar
GetThreadPriority
LockResource
GlobalUnfix
DeleteCriticalSection
CreateNamedPipeW
GetPrivateProfileSectionNamesA
GetEnvironmentVariableW
IsValidLocale
lstrcatW
SystemTimeToFileTime
GetFileAttributesExA
GetLocalTime
FindFirstFileW
GetModuleFileNameW
HeapCreate
CreateFileA
AddAtomA
GetStringTypeW
ReadFileEx
IsValidCodePage
LocalAlloc
UnlockFile
WriteFileGather
EnumResourceNamesW
VirtualLock
LocalLock
OpenProcess
UnhandledExceptionFilter
FreeResource
GetDiskFreeSpaceExA
FreeLibraryAndExitThread
GetComputerNameW
TlsSetValue
LocalReAlloc
Heap32ListNext
FindFirstFileExW
SystemTimeToTzSpecificLocalTime
lstrcat
FindAtomA
FindFirstFileExA
DeleteAtom
SetConsoleMode
AddAtomW
lstrcpynA
GetProfileIntW
Process32Next
lstrcatA
GetProfileSectionW
SignalObjectAndWait
CompareStringA
Sleep
TlsFree
BeginUpdateResourceW
OpenFile
ReadConsoleOutputAttribute
ResetWriteWatch

advapi32

LookupSecurityDescriptorPartsW
InitiateSystemShutdownA
RegEnumValueW
CryptDestroyHash
CryptGetUserKey
CryptEnumProviderTypesA
LookupAccountSidA
RegEnumKeyExW
CryptSetHashParam
RegLoadKeyW
CryptGetHashParam
CryptDecrypt
RegDeleteKeyW
InitializeSecurityDescriptor
CryptContextAddRef
LogonUserW
RegCreateKeyExW
AbortSystemShutdownA
RegDeleteValueA
RegSetValueW
CryptSignHashA
CryptSetKeyParam
RegReplaceKeyA
CryptImportKey

wininet

FindNextUrlCacheContainerW
InternetCheckConnectionW
InternetWriteFile
InternetGetCookieW
InternetHangUp
ResumeSuspendedDownload
InternetSetOptionW
DeleteUrlCacheGroup
InternetGetLastResponseInfoA
InternetCrackUrlW
SetUrlCacheEntryGroup
InternetErrorDlg
FindFirstUrlCacheEntryExW
FtpCreateDirectoryA
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW
InternetGoOnline
FtpRenameFileA
GopherGetLocatorTypeW
FtpCommandW
InternetGetConnectedStateEx
FindNextUrlCacheGroup
InternetConnectA
DeleteIE3Cache
InternetCanonicalizeUrlA
SetUrlCacheHeaderData
ShowClientAuthCerts
InternetSetCookieW
InternetGetConnectedStateExW
FindFirstUrlCacheContainerW
UnlockUrlCacheEntryFile
FreeUrlCacheSpaceW
SetUrlCacheConfigInfoW
InternetTimeFromSystemTimeW
CreateUrlCacheContainerA
DeleteUrlCacheContainerA
InternetCombineUrlA
IncrementUrlCacheHeaderData
InternetGetCertByURLA
InternetSecurityProtocolToStringA
InternetShowSecurityInfoByURL
InternetCreateUrlA
FtpRemoveDirectoryA
InternetShowSecurityInfoByURLW
ShowCertificate
FindNextUrlCacheContainerA
RetrieveUrlCacheEntryStreamW
InternetSetOptionA
InternetOpenUrlA
InternetSecurityProtocolToStringW
GopherFindFirstFileA
GopherCreateLocatorA
InternetGetCookieA
InternetConnectW
InternetLockRequestFile
SetUrlCacheGroupAttributeA
InternetTimeFromSystemTime
HttpOpenRequestA
UnlockUrlCacheEntryFileW
IsUrlCacheEntryExpiredW
InternetConfirmZoneCrossing
GopherGetAttributeW
UnlockUrlCacheEntryStream
UrlZonesDetach
GetUrlCacheEntryInfoW
InternetQueryFortezzaStatus
FindNextUrlCacheEntryW
FtpSetCurrentDirectoryA
InternetTimeFromSystemTimeA
InternetAutodial
DeleteUrlCacheEntryA
FtpFindFirstFileW
GopherCreateLocatorW
InternetGetConnectedStateExA
FtpPutFileEx

wsock32

ord1130
ord1106
select
getsockname
ord1107
htonl
htons
ord1141
getservbyport
inet_addr
ord1120
WEP
ord1112
ord1108
closesocket
gethostname
listen
WSAAsyncGetServByPort
WSAAsyncGetProtoByNumber
WSASetBlockingHook
connect
ord1115
getservbyname
sendto
ntohl
WSAUnhookBlockingHook
ord1109
setsockopt

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dd85565e2f6afccba46302a9e5e8d897

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

wsock32

Sections

.text Size: 152KB - Virtual size: 151KB

.data Size: 260KB - Virtual size: 259KB

.bss Size: 111KB - Virtual size: 110KB

.text
Size: 152KB - Virtual size: 151KB

.data
Size: 260KB - Virtual size: 259KB

.bss
Size: 111KB - Virtual size: 110KB