2a917ba225187932578ae795ad61dedcfd3c8abc594c46ab0713fe2b0852848f

Sharing

Copy URL Twitter E-mail

General

Target

2a917ba225187932578ae795ad61dedcfd3c8abc594c46ab0713fe2b0852848f
Size

96KB
MD5

92c5647a0e7f4b05bb3bf4f6cff04040
SHA1

a13714daf17e5ace93f7d038c0f300df09f875fa
SHA256

2a917ba225187932578ae795ad61dedcfd3c8abc594c46ab0713fe2b0852848f
SHA512

a20f1bbfacd0bf6a587003138bcc7caca3267cbeeec4a77ef7eaae7f315d20f4d5de75f46ebcde137b374ce8e8fce173bd0bb2a566f57b228686eb1f5bdfc452
SSDEEP

1536:AWLfGiThVAu+YXQkfjgcx0aAZmRjTmF4H3OROKtt11ayXrNtlESKD:A2eifAu+yjDHAZYXmu3ODtt11ayXxRKD

Score

N/A

Malware Config

Signatures

Files

2a917ba225187932578ae795ad61dedcfd3c8abc594c46ab0713fe2b0852848f
.exe windows x86

368e3a07faaedf9f740b12d433807db7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
SetThreadPriority
GetCurrentThread
GetCurrentProcess
SetPriorityClass
GetEnvironmentVariableA
GetShortPathNameA
GetTickCount
ExitProcess
CloseHandle
ReleaseMutex
OpenMutexA
lstrlenA
lstrcpynA
WaitForSingleObject
SetFilePointer
WriteFile
CreateFileA
LockResource
lstrcmpA
FindResourceA
EnumResourceNamesA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
ReadFile
GlobalAlloc
GetFileSize
GetFileAttributesA
GetModuleHandleA
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
CompareStringW
CompareStringA
FlushFileBuffers
Sleep
GetLocalTime
WinExec
GetModuleFileNameA
LoadLibraryA
LoadResource
GetProcAddress
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
SetEnvironmentVariableA
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetLastError
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
WideCharToMultiByte
HeapCreate
ExitThread
TerminateProcess
CreateProcessA
HeapReAlloc
HeapAlloc
GetTimeZoneInformation
GetSystemTime
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
RtlUnwind
VirtualFree
VirtualAlloc
IsBadWritePtr
GetVersionExA
HeapDestroy

user32

GetDesktopWindow
wsprintfA

advapi32

RegOpenKeyExA
OpenSCManagerA
OpenServiceA
DeleteService
CloseServiceHandle
RegQueryValueExA

shell32

ShellExecuteExA
ShellExecuteA

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

ws2_32

connect
gethostname
gethostbyname
socket
WSAStartup
htons
inet_ntoa
closesocket
WSAIoctl
setsockopt
recv
__WSAFDIsSet
select
send
WSACleanup
inet_addr
sendto
htonl

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

368e3a07faaedf9f740b12d433807db7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

iphlpapi

ws2_32

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 12KB - Virtual size: 9KB