12fcaef229ccf14d10d7bd34926baf969ea1a40b8ef1fcdf90844e5e6b9fafd7

Sharing

Copy URL Twitter E-mail

General

Target

12fcaef229ccf14d10d7bd34926baf969ea1a40b8ef1fcdf90844e5e6b9fafd7
Size

328KB
MD5

bf59259a9c7afe46bd69ce10fad663b4
SHA1

4f74c6f48dcfee93c0d88560127895683dfb7ad4
SHA256

12fcaef229ccf14d10d7bd34926baf969ea1a40b8ef1fcdf90844e5e6b9fafd7
SHA512

39197259ec1fb4ded24a116a02da760a10bf7f1e2c668b4dd5d10b7923d6fedba33cb1ba6eada41f31f32e91f48c2da57480afc1ea3e0a61342f5ebae5297129
SSDEEP

6144:6RSkbCwySZBYGjmBbNkw8qOLhLc3P+Yja+Je8:ESkbCxSZKGjmBbNkw8q+Lc3pj+8

Score

N/A

Malware Config

Signatures

Files

12fcaef229ccf14d10d7bd34926baf969ea1a40b8ef1fcdf90844e5e6b9fafd7
.exe windows x86

e0627821897a49eb408ea758c44d3005

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetModuleFileNameA
LCMapStringA
SetEndOfFile
CopyFileA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetOEMCP
GetComputerNameA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreatePipe
WriteFile
CreateProcessA
Sleep
CreateFileA
ReadFile
SetEnvironmentVariableA
CloseHandle
GetACP
GetCPInfo
SetStdHandle
SetConsoleCtrlHandler
WaitForSingleObject
GetExitCodeProcess
VirtualAlloc
HeapReAlloc
HeapAlloc
FlushFileBuffers
GetModuleHandleA
RtlUnwind
VirtualFree
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
IsBadWritePtr
IsBadReadPtr
HeapValidate
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetLastError
GetFileAttributesA
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
HeapFree
LCMapStringW

user32

wsprintfA
GetDC
GetSystemMetrics
SetCursorPos
BlockInput
MessageBoxA
GetDesktopWindow
ReleaseDC

gdi32

CreateCompatibleBitmap
SelectObject
BitBlt
GetObjectA
GetDIBits
DeleteObject
CreateCompatibleDC

advapi32

RegSetValueExA
RegCloseKey
GetUserNameA
RegOpenKeyExA

ws2_32

closesocket
connect
send
htons
inet_addr
inet_ntoa
WSACleanup
WSAGetLastError
socket
gethostbyname
WSAStartup
recv

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0627821897a49eb408ea758c44d3005

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ws2_32

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 16KB - Virtual size: 18KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 16KB - Virtual size: 18KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 5KB