59a63273ef16c761fea64743df6c2543b270feacb09265b04cf6824ee2d201e1

Sharing

Copy URL Twitter E-mail

General

Target

59a63273ef16c761fea64743df6c2543b270feacb09265b04cf6824ee2d201e1
Size

140KB
MD5

82887faa8203a5b625db8a9a63d62390
SHA1

84c21c1efa38a1819121ee59af6694c9138f8c56
SHA256

59a63273ef16c761fea64743df6c2543b270feacb09265b04cf6824ee2d201e1
SHA512

9d6d283c9382a43b9a72f77d58c076ac2d8c32d20717aa37d38dcc2d2c6298a17522bebb7b1c60d7c74520e4e8c0b85a4be2498e690172bef4342827977dc799
SSDEEP

3072:6qRbVq/knNtPg9AGN8p0QVxgQ0TTz+Df3vY:6s8cNW9Ao8HVCNTTzKf3g

Score

N/A

Malware Config

Signatures

Files

59a63273ef16c761fea64743df6c2543b270feacb09265b04cf6824ee2d201e1
.exe windows x86

16d76bc77a5424591d571622bd1fc410

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
memset
_onexit
__dllonexit
??1type_info@@UAE@XZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_strrev
_strnicmp
_strnset
calloc
_beginthreadex
_errno
strchr
strcat
strncmp
atoi
strrchr
strcmp
_except_handler3
malloc
free
strncpy
sprintf
strcpy
rand
memcmp
strstr
strlen
_ftol
ceil
memmove
_CxxThrowException
__CxxFrameHandler
puts
memcpy
??3@YAXPAX@Z
putchar
??2@YAPAXI@Z
_controlfp
??0exception@@QAE@ABQBD@Z

kernel32

GetModuleHandleA
SetErrorMode
GetVersionExA
GetComputerNameA
GetCurrentThreadId
OpenProcess
TerminateProcess
WaitForMultipleObjects
GetStartupInfoA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LocalSize
LoadLibraryA
WaitForSingleObject
SetEvent
FreeLibrary
CloseHandle
Sleep
GetProcAddress
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetLastError
ResetEvent
InterlockedExchange
CancelIo
GetTickCount
GetLocalTime
GetCurrentProcessId
DeleteFileA
CreateDirectoryA
GetFileAttributesA
lstrcpyA
lstrlenA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
FindClose
LocalFree
LocalReAlloc
LocalAlloc
GetFileSize
ReadFile
SetFilePointer
MoveFileA
lstrcatA
CreateProcessA
InitializeCriticalSection
lstrcmpiA
MapViewOfFile
CreateFileMappingA
HeapFree
UnmapViewOfFile
OpenEventA

user32

GetThreadDesktop
OpenDesktopA
PostMessageA
IsWindow
CloseWindow
OpenInputDesktop
SetThreadDesktop
CloseDesktop
IsWindowVisible
GetWindowThreadProcessId
ExitWindowsEx
GetCursorInfo
DestroyCursor
GetCursorPos
ReleaseDC
GetDesktopWindow
GetDC
SetRect
GetSystemMetrics
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetCursorPos
WindowFromPoint
SetCapture
mouse_event
MapVirtualKeyA
keybd_event
SendMessageA
BlockInput
LoadCursorA
MessageBoxA
GetWindowTextA
DispatchMessageA
TranslateMessage
GetMessageA
CharNextA
wsprintfA
GetUserObjectInformationA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CloseEventLog
ClearEventLogA
OpenEventLogA
RegSetValueExA
RegCreateKeyExA
CloseServiceHandle
DeleteService
OpenSCManagerA
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegRestoreKeyA
RegSaveKeyA
RegOpenKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

ws2_32

select
closesocket
setsockopt
send
inet_addr
connect
sendto
WSASocketA
htonl
inet_ntoa
getsockname
bind
recvfrom
__WSAFDIsSet
socket
gethostbyname
htons
WSACleanup
WSAStartup
recv

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16d76bc77a5424591d571622bd1fc410

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 108KB - Virtual size: 104KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1KB