fabddd3d7254caaba1e0904d60dd2acc6c93b75db7d0bf3099f00baa259db0c2

Sharing

Copy URL Twitter E-mail

General

Target

fabddd3d7254caaba1e0904d60dd2acc6c93b75db7d0bf3099f00baa259db0c2
Size

711KB
MD5

841181e3e83cc61eccc2bd894aa869f0
SHA1

e182532eb52703e8cf50303e501bab77857c83fa
SHA256

fabddd3d7254caaba1e0904d60dd2acc6c93b75db7d0bf3099f00baa259db0c2
SHA512

75f843f13f92672618d0cb177f61f45dd30dd5f4c86b74bc4cc5e43def4ac09fc698d35907dce2d507a50c13cddd6e9d7058500e0c67d866ec5287d6304016d0
SSDEEP

12288:Jy6S65xXdEzO9TDId7TLyrq66Narcv814DBb3Olz2+glIEYZl9mhvATNiZlP:g0xXdEy9TDINdNarcU14DBTi3glIyhv

Score

N/A

Malware Config

Signatures

Files

fabddd3d7254caaba1e0904d60dd2acc6c93b75db7d0bf3099f00baa259db0c2
.exe windows x64

83d743ade24a818cc68847d05bafebe1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

connect
setsockopt
send
WSACleanup
gethostbyname
inet_addr
htons
WSAStartup
closesocket
sendto
socket

kernel32

GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
LoadLibraryA
GetCurrentDirectoryA
GetModuleFileNameA
SetCurrentDirectoryA
GetProcAddress
FreeLibrary
InitializeCriticalSection
SetEvent
WaitForSingleObject
CloseHandle
DeleteCriticalSection
WriteFile
GetLocalTime
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
Sleep
ReleaseMutex
SetThreadPriority
GetCurrentThread
WaitForMultipleObjects
OutputDebugStringA
EnterCriticalSection
OutputDebugStringW
LeaveCriticalSection
SetFilePointer
GetComputerNameA
VirtualAllocEx
VirtualFreeEx
WriteProcessMemory
ReadProcessMemory
GetThreadContext
GetCurrentProcess
GetCurrentThreadId
SuspendThread
CreateFileA
GetFileSize
DeleteFileA
GetEnvironmentVariableA
GetWindowsDirectoryA
GetSystemDirectoryA
GetVersionExA
SetUnhandledExceptionFilter
GetTickCount
GetFileAttributesA
CreateDirectoryA
ProcessIdToSessionId
LoadLibraryW
OpenProcess
CreateRemoteThread
SetLastError
ReadFile
GetSystemTimeAsFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
RtlVirtualUnwind
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameW
LCMapStringW
GetLocaleInfoA
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentProcessId
RaiseException
WideCharToMultiByte
LCMapStringA
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
IsValidCodePage
HeapReAlloc
HeapSize
HeapAlloc
HeapFree
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
MultiByteToWideChar
ExitThread
CreateThread
GetProcessHeap
GetStartupInfoW
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
HeapSetInformation
HeapCreate
GetModuleHandleA
ExitProcess
GetStdHandle
GetCPInfo
GetACP
GetOEMCP

advapi32

RevertToSelf

version

VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 508KB - Virtual size: 1.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

83d743ade24a818cc68847d05bafebe1

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

advapi32

version

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 49KB - Virtual size: 49KB

.data Size: 6KB - Virtual size: 30KB

.pdata Size: 6KB - Virtual size: 5KB

.tls Size: 512B - Virtual size: 17B

.rsrc Size: 2KB - Virtual size: 1KB

.vmp0 Size: 508KB - Virtual size: 1.8MB

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 49KB - Virtual size: 49KB

.data
Size: 6KB - Virtual size: 30KB

.pdata
Size: 6KB - Virtual size: 5KB

.tls
Size: 512B - Virtual size: 17B

.rsrc
Size: 2KB - Virtual size: 1KB

.vmp0
Size: 508KB - Virtual size: 1.8MB