cca37f7f1eebf1ac144bcd27dc77a95cdca5e398ad5003e7f7557cccf181fdf2

Sharing

Copy URL Twitter E-mail

General

Target

cca37f7f1eebf1ac144bcd27dc77a95cdca5e398ad5003e7f7557cccf181fdf2
Size

89KB
MD5

509bb0ad3c47436a3ddfa366fcfdd377
SHA1

c4aba253fea2593c5fd179c2aa928bf939848ff1
SHA256

cca37f7f1eebf1ac144bcd27dc77a95cdca5e398ad5003e7f7557cccf181fdf2
SHA512

559c5e0cf45d31af2b88228085c5844e9cf4622ffc001921d03a656113fe4692be98203d8367252a9d57f27ace4f83f95b6767e225729c7d0a656f67af6cadce
SSDEEP

1536:T0S6EAGU3iVwI5y4LJoJlfT4wuXcaWYzFsWjcdHyM2e2vSUEX:T0S6LiP4wu0zqHyMt2vXq

Score

N/A

Malware Config

Signatures

Files

cca37f7f1eebf1ac144bcd27dc77a95cdca5e398ad5003e7f7557cccf181fdf2
.exe windows x86

c0914a1fe934efb85b9a026db5712e10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileW
HeapSize
HeapReAlloc
GetModuleFileNameA
SetFilePointerEx
FlushFileBuffers
SetStdHandle
LCMapStringW
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcmpW
WriteConsoleW
lstrcpyW
GetStringTypeW
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetModuleHandleW
GetStartupInfoW
TlsFree
HeapAlloc
GetLastError
HeapFree
EncodePointer
DecodePointer
CreateThread
GetCurrentThreadId
ExitThread
GetProcAddress
LoadLibraryExW
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
GetFileAttributesExW
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetStdHandle
GetModuleFileNameW
GetProcessHeap
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
ReadFile
GetConsoleMode
ReadConsoleW
GetConsoleCP
DeleteFileW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
SetEndOfFile

user32

PostQuitMessage
UpdateWindow
ShowWindow
CreateWindowExW
RegisterClassExW
DispatchMessageW
TranslateMessage
GetMessageW
FindWindowW
DefWindowProcW

advapi32

RegDeleteValueW
RegOpenKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW

ws2_32

ntohs
inet_ntoa
recvfrom
WSAStartup
gethostbyname
socket
bind
WSAIoctl
gethostname

wininet

InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestA
InternetCloseHandle

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0914a1fe934efb85b9a026db5712e10

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

wininet

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 5KB - Virtual size: 174KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 5KB - Virtual size: 174KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 4KB