35d473b5e621fe52609024923cda56da6a56f6e33508a498d1b4c195ce74e11b

Sharing

Copy URL Twitter E-mail

General

Target

35d473b5e621fe52609024923cda56da6a56f6e33508a498d1b4c195ce74e11b
Size

186KB
MD5

84666a0f17fc1a07436a03ce9ca2acc0
SHA1

826de010bdb7e6e9ce1f03dad0e9389bfe05349e
SHA256

35d473b5e621fe52609024923cda56da6a56f6e33508a498d1b4c195ce74e11b
SHA512

e6768436fc04aa302dcc3a3f6147c01d415080a289fb0ea830b4827195091b4ffb849399dbc5c19edc1334f937fdebae2740ab5546e408c36b25c1fcc27f818e
SSDEEP

3072:bjsBVdYkwUN6XHWqoRgBJiGakWUnR3qg2oMg8Dr8ZwDS0wUBva6RwTY7e/m:cp16mqoHPUJqrgpfUB5RiYK/m

Score

N/A

Malware Config

Signatures

Files

35d473b5e621fe52609024923cda56da6a56f6e33508a498d1b4c195ce74e11b
.exe windows x86

5e399700974437620ac151fe8fa59090

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

ws2_32

ntohl
ntohs
getservbyport
gethostbyname
WSAGetLastError
socket
connect
send
recv
closesocket
WSAStartup
gethostname
gethostbyaddr
htonl
htons

iphlpapi

GetTcpTable
GetUdpTable
SetTcpEntry

comctl32

ord17
CreateToolbarEx
ImageList_Create
ImageList_ReplaceIcon

kernel32

CloseHandle
GetLastError
GetCurrentProcess
LockResource
SizeofResource
LoadResource
FindResourceA
CreateFileA
SetLastError
GetProcAddress
GetModuleHandleA
ReadProcessMemory
OpenProcess
CreateEventA
DeviceIoControl
GetCurrentProcessId
DuplicateHandle
GetModuleFileNameA
DeleteFileA
GetSystemDirectoryA
GetVersion
LocalFree
FormatMessageA
GetTickCount
SetEvent
TerminateProcess
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcatA
HeapFree
lstrlenA
lstrcpyA
HeapAlloc
GetProcessHeap
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
InitializeCriticalSection
LoadLibraryA
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TlsGetValue
TlsAlloc
GetCurrentThreadId
DeleteCriticalSection
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
WriteFile
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapReAlloc
ExitThread
TlsSetValue
CreateThread
GetStdHandle
ResumeThread
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
ReadFile
MultiByteToWideChar
LCMapStringA
GetFileType
SetStdHandle
FlushFileBuffers
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLangID

user32

DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
CreateMenu
PostQuitMessage
LoadStringA
DialogBoxParamA
GetSubMenu
EnableMenuItem
TrackPopupMenu
WinHelpA
UpdateWindow
DestroyIcon
RegisterClassA
SetWindowTextA
EndDialog
GetParent
GetDlgItem
LoadCursorA
GetSysColorBrush
ChildWindowFromPoint
InvalidateRect
SetCapture
SetCursor
ReleaseCapture
SetWindowLongA
GetWindowLongA
GetCursorPos
GetClientRect
CreateWindowExA
LoadMenuA
SetDlgItemTextA
InsertMenuA
SetFocus
CallWindowProcA
LoadIconA
DrawIconEx
InvalidateRgn
SetWindowPos
GetMenu
CheckMenuItem
SetTimer
KillTimer
GetWindowRect
IsIconic
IsZoomed
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SendMessageA
GetDC
GetFocus
DrawTextA
ReleaseDC
GetSystemMetrics
MoveWindow
ShowWindow
ClientToScreen
ScreenToClient
PostMessageA
DestroyWindow
DefWindowProcA
MessageBoxA
GetSysColor

gdi32

CreateSolidBrush
GetTextMetricsA
CreateCompatibleDC
DeleteObject
SetBkColor
ExtTextOutA
GetTextExtentPoint32A
SetTextColor
GetStockObject
GetObjectA
CreateFontIndirectA
SelectObject
SetBkMode

comdlg32

ChooseFontA
GetSaveFileNameA

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCreateKeyA
AdjustTokenPrivileges

shell32

ShellExecuteA
SHGetFileInfoA

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e399700974437620ac151fe8fa59090

Headers

File Characteristics

Imports

version

ws2_32

iphlpapi

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 22KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 22KB

.rsrc
Size: 20KB - Virtual size: 19KB