ec74955749c8be72016f995975b9967a29aecc66fc07ef5d27bfe9148865bbb1

General

Target

ec74955749c8be72016f995975b9967a29aecc66fc07ef5d27bfe9148865bbb1
Size

211KB
MD5

a33253db21dc282662334ee2dedb5e60
SHA1

9a90cc0a8a533e3e772a8c59a9e7e79e67264538
SHA256

ec74955749c8be72016f995975b9967a29aecc66fc07ef5d27bfe9148865bbb1
SHA512

39947dc753267276929c2eea4051aef9de06b5de23daa1264cedc5ec48404cb511f867fd231d60ce3a219e0e528967f13ab54120f8af4fad71bd5d6fc310c1f7
SSDEEP

6144:fL/SLX3Ry7UbkQx8hYLYkSLduKJrfg2Bo7m/+2Xk7P:feTvkQOhYLHSLYKPBo7p2XyP

Score

N/A

Malware Config

Signatures

Files

ec74955749c8be72016f995975b9967a29aecc66fc07ef5d27bfe9148865bbb1
.exe windows x86

89fa666765f64c53142fe6f0bcb9f070

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessWorkingSetSize
GetCurrentProcessId
ReadConsoleInputA
VDMOperationStarted
FreeEnvironmentStringsA
CreateThread
OpenFileMappingW
Thread32First
GetModuleHandleA
SetLocalPrimaryComputerNameW
LoadLibraryA
BaseCleanupAppcompatCacheSupport
GetCurrencyFormatA
FreeConsole
GetCPInfo
GetSystemInfo
GetLocaleInfoA
GetUserDefaultUILanguage
GetSystemWindowsDirectoryA
ClearCommError
GetNumberOfConsoleMouseButtons
CancelIo
GenerateConsoleCtrlEvent
TlsAlloc
CreateActCtxW
CreateMailslotA
GetVolumeNameForVolumeMountPointA
EndUpdateResourceA

mswsock

TransmitFile
NSPStartup
GetTypeByNameW
GetAcceptExSockaddrs
AcceptEx
GetNameByTypeA
StopWsdpService
EnumProtocolsW
GetNameByTypeW

gdi32

CreatePenIndirect
CreateDCW
NamedEscape
EngEraseSurface
SelectFontLocal
GdiEntry2
EngMultiByteToWideChar
CreateFontA
EngComputeGlyphSet
EngFindResource
GetCharABCWidthsFloatA
CreateCompatibleBitmap
GdiRealizationInfo
CreatePen
GetTextColor
CreateBitmapIndirect
OffsetWindowOrgEx
PATHOBJ_bEnumClipLines
CreateDIBPatternBrushPt
GdiConvertEnhMetaFile
EngLockSurface

ws2_32

setsockopt
WSAGetLastError
WSAUnhookBlockingHook
getprotobyname
WSAHtonl
accept
listen
WSACancelBlockingCall

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

89fa666765f64c53142fe6f0bcb9f070

Headers

File Characteristics

Imports

kernel32

mswsock

gdi32

ws2_32

Sections

.text Size: 148KB - Virtual size: 148KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 5KB

.text
Size: 148KB - Virtual size: 148KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 5KB