a12c67d651b72af863151322af4d24052d827cf970f5614095ab7cad23a00f7e

Sharing

Copy URL Twitter E-mail

General

Target

a12c67d651b72af863151322af4d24052d827cf970f5614095ab7cad23a00f7e
Size

262KB
MD5

9088df35bf20606203ef224f03b93d3c
SHA1

cbc4206cfc1a16d83670fbd91c5a7b9ba544a100
SHA256

a12c67d651b72af863151322af4d24052d827cf970f5614095ab7cad23a00f7e
SHA512

0bc8e70dc22d8fe1fb571eb2d608c33f3bc218ff37fef38e0118c359571d49616ba7063a52e9b85134610b7f4ee57f0fc80ca7a7c1ca8babd306f878f3b5f15c
SSDEEP

6144:vqNDPattO5pA9CWf6MCuw2oIC3BEBU0G5M+gTDUhQRP9:CNDPattO5qkusLLnwUM

Score

N/A

Malware Config

Signatures

Files

a12c67d651b72af863151322af4d24052d827cf970f5614095ab7cad23a00f7e
.exe windows x86

e836ff60106786b4d3461b9a2e306c5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

closesocket
send
recv
ioctlsocket
WSACleanup
gethostname
getsockname
connect
inet_addr
htons
WSAStartup
WSAGetLastError
socket

pthreadvc2

pthread_mutex_unlock
pthread_mutex_lock
pthread_mutex_trylock
pthread_attr_destroy
pthread_mutex_destroy
pthread_create
pthread_attr_setdetachstate
pthread_attr_init
pthread_mutex_init

kernel32

TerminateProcess
CompareStringW
HeapSize
CreateFileW
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
HeapReAlloc
GetStringTypeW
LoadLibraryW
WriteConsoleW
FlushFileBuffers
LCMapStringW
GetProcessHeap
SetEndOfFile
Sleep
SetLastError
GetLastError
GetStdHandle
DeleteFileA
FindClose
FindNextFileA
FindFirstFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
CreateDirectoryA
SetFileAttributesA
GetFileAttributesA
GetCommandLineA
HeapSetInformation
GetFullPathNameA
CloseHandle
GetFileInformationByHandle
PeekNamedPipe
GetFileType
CreateFileA
GetCurrentDirectoryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
SetEnvironmentVariableA
GetCurrentProcess
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
SetHandleCount
GetStartupInfoW
DeleteCriticalSection
HeapCreate
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
ReadFile
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
GetCurrentThreadId
InterlockedDecrement
GetProcAddress
RtlUnwind
ExitProcess
GetModuleFileNameW
IsProcessorFeaturePresent
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetDriveTypeW
SetFilePointer

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PACK
Size: 160KB - Virtual size: 416KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e836ff60106786b4d3461b9a2e306c5a

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

pthreadvc2

kernel32

Sections

.text Size: 77KB - Virtual size: 76KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 1KB - Virtual size: 1KB

PACK Size: 160KB - Virtual size: 416KB

.text
Size: 77KB - Virtual size: 76KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB

PACK
Size: 160KB - Virtual size: 416KB