e725646c2083c78a4242bc20135442b280f76651eaf62239be46192f320ba7bf

Sharing

Copy URL Twitter E-mail

General

Target

e725646c2083c78a4242bc20135442b280f76651eaf62239be46192f320ba7bf
Size

188KB
MD5

8284212ed8480a06e7d72e0451b5f2c0
SHA1

34617f52769ece6fc1c8f0cd5890087f89d9dbec
SHA256

e725646c2083c78a4242bc20135442b280f76651eaf62239be46192f320ba7bf
SHA512

d8f902fe883706c0958380c1406b3de0f819289c3f60a8520f5c789fe43a2495afe8929d98c81b5c84a70376d66d420b4c6035d7eb6315d08784477d0f9869f2
SSDEEP

3072:5/NbO55kJa6+/rldg3ZOEWQE5/82SzkDZZWqZpZZvJ9tzF4+ip8zoI7h+aS1Gq:V3aTo3Znj282bX4Uzo0naGq

Score

N/A

Malware Config

Signatures

Files

e725646c2083c78a4242bc20135442b280f76651eaf62239be46192f320ba7bf
.exe windows x86

2b236d1dea1973f3d5449e6f6ea125dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

select
__WSAFDIsSet
ioctlsocket
WSAStartup
accept
htons
bind
getsockopt
setsockopt
socket
closesocket
listen
recvfrom
htonl
WSASendTo
WSARecv
WSAGetLastError

kernel32

LCMapStringW
LCMapStringA
SetFilePointer
SetEnvironmentVariableA
CompareStringW
CompareStringA
Sleep
GetStringTypeA
GetLastError
ReadFile
WriteFile
CreateFileA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetModuleFileNameA
GetCurrentThreadId
GetProcAddress
GetModuleHandleA
ExitProcess
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
HeapReAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
SetConsoleCtrlHandler
GetTimeZoneInformation
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
DeleteFileA
InterlockedDecrement
GetStdHandle
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSection
SetHandleCount
GetFileType
GetStartupInfoA
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
GetConsoleCP
GetConsoleMode
CloseHandle
RtlUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
MultiByteToWideChar
GetLocaleInfoA
FlushFileBuffers

advapi32

StartServiceA
OpenServiceA
DeleteService
OpenSCManagerA
CloseServiceHandle
CreateServiceA
ChangeServiceConfig2A
StartServiceCtrlDispatcherA
QueryServiceStatus
RegisterServiceCtrlHandlerA
SetServiceStatus
ControlService

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b236d1dea1973f3d5449e6f6ea125dd

Headers

File Characteristics

Imports

ws2_32

kernel32

advapi32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 56KB - Virtual size: 55KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 56KB - Virtual size: 55KB