675a3913441a320bf8dc6fad9fd75321d2c3c7affb7e3e76768fc4fd96632c83

Sharing

Copy URL Twitter E-mail

General

Target

675a3913441a320bf8dc6fad9fd75321d2c3c7affb7e3e76768fc4fd96632c83
Size

444KB
MD5

84caa2aea2557121e84a526979271500
SHA1

fe6411b11bc746e8dedc02f9a44a39489e18d97e
SHA256

675a3913441a320bf8dc6fad9fd75321d2c3c7affb7e3e76768fc4fd96632c83
SHA512

8ad3267825c61423a0db9816a906808cdcfd64308825c234486d975eb1123b41465f68f2c4c8385be9ebe4bf8e9339bf2acf25ecb03d4cb0053c858cb2b60193
SSDEEP

12288:IsgUdgBDBFyiUzUGlpylMVzflDpf2J1EVhT9nYkbZQdxqfZxpyP7e:oLDBFyiUzUGlpylMVzflDN2JwT9BbAe

Score

N/A

Malware Config

Signatures

Files

675a3913441a320bf8dc6fad9fd75321d2c3c7affb7e3e76768fc4fd96632c83
.exe windows x86

929cd1b21bb3496d422d5d55e639f9cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
memmove
__p___initenv
_XcptFilter
_exit
_open_osfhandle
getenv
??2@YAPAXI@Z
mktime
strncpy
asctime
_getpid
strncat
localtime
strftime
__mb_cur_max
strchr
realloc
rename
_isctype
_pctype
_fullpath
_splitpath
memcmp
__p___argv
ctime
__p___argc
strcat
_searchenv
strcpy
strncmp
time
malloc
memcpy
atoi
strrchr
free
longjmp
exit
strcmp
_errno
atol
strlen
sprintf
memset
_putenv
_lseek
_access
_stricmp
_rmdir
_strdup
_read
_unlink
_write
_mkdir
_close
_stat
_strupr

kernel32

lstrcpyA
GetStdHandle
Sleep
GetLastError
SetCurrentDirectoryA
LoadLibraryA
GetLogicalDrives
IsBadWritePtr
VirtualQuery
GetProcAddress
FormatMessageA
OutputDebugStringA
GetModuleHandleA
GetTimeZoneInformation
RaiseException
SetUnhandledExceptionFilter
FindClose
FindNextFileA
GetFileType
GetFileAttributesA
GetDriveTypeA
FindFirstFileA
SetConsoleCtrlHandler
GetEnvironmentStrings
GetVersion
CreateFileA
CopyFileA
SetFilePointer
LockFile
WriteFile
UnlockFile
QueryPerformanceCounter
QueryPerformanceFrequency
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrcmpA
lstrcatA
_lopen
_lclose
GetWindowsDirectoryA
GetEnvironmentVariableA
WaitForMultipleObjects
CreateProcessA
GetCommandLineA
GetModuleFileNameA
CloseHandle
CreateEventA
OpenEventA
SetEvent
FreeConsole
GetCurrentProcessId
GetVersionExA
CreateThread
lstrlenA
DuplicateHandle
GetCurrentThread
GetCurrentProcess
ExitThread
TerminateProcess
GetTickCount
ReadFile
CreateMailslotA
GetCurrentDirectoryA

advapi32

RegEnumValueA
GetUserNameA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
DeregisterEventSource
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegisterEventSourceA
ReportEventA

user32

EnumWindows
wvsprintfA
OemToCharA
CharUpperBuffA
IsIconic
PostMessageA
SetForegroundWindow
IsWindowEnabled
GetClassNameA
CharUpperA
FindWindowA
IsWindowVisible
wsprintfA

wsock32

inet_ntoa
WSAStartup
accept
__WSAFDIsSet
select
recv
send
socket
getprotobyname
getservbyname
ntohs
WSAGetLastError
listen
WSACleanup
htons
setsockopt
bind
getservbyport
closesocket
shutdown

Exports

Exports

utcncel
utevt
utnap
utsleep

Sections

.text
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 40KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

drargs_d
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

drmsg_da
Size: 4KB - Virtual size: 521B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ccread_d
Size: 4KB - Virtual size: 397B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ccxlate_
Size: 4KB - Virtual size: 382B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

929cd1b21bb3496d422d5d55e639f9cd

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

wsock32

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 192KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 40KB - Virtual size: 62KB

drargs_d Size: 8KB - Virtual size: 4KB

drmsg_da Size: 4KB - Virtual size: 521B

ccread_d Size: 4KB - Virtual size: 397B

ccxlate_ Size: 4KB - Virtual size: 382B

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 196KB - Virtual size: 192KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 40KB - Virtual size: 62KB

drargs_d
Size: 8KB - Virtual size: 4KB

drmsg_da
Size: 4KB - Virtual size: 521B

ccread_d
Size: 4KB - Virtual size: 397B

ccxlate_
Size: 4KB - Virtual size: 382B

.rsrc
Size: 76KB - Virtual size: 76KB