ff88844aaac14a7028eceb9f24d2a5be9bd6ecfb3aa1a4a295ff22d7f71175e2

Sharing

Copy URL Twitter E-mail

General

Target

ff88844aaac14a7028eceb9f24d2a5be9bd6ecfb3aa1a4a295ff22d7f71175e2
Size

104KB
MD5

821c5d78d3464c9d5efd0740bf936e10
SHA1

b8245c7f809d300c533cb76d299e24598400caf5
SHA256

ff88844aaac14a7028eceb9f24d2a5be9bd6ecfb3aa1a4a295ff22d7f71175e2
SHA512

c6773033fc9fd2d6c7b6b68c88b984269e3d530b59ae3524ccb909a17e754478f2b8f5c53cf4326f513ecfa0c35e250b7a00801c490f5d81bb7145cf0693e773
SSDEEP

768:0FOVNXm3EGnPA0ZvbRePFJmXbkzwjoaFzcMeVTAzSEx:a6NDuP7ZiJ/ccaFzcMLSM

Score

N/A

Malware Config

Signatures

Files

ff88844aaac14a7028eceb9f24d2a5be9bd6ecfb3aa1a4a295ff22d7f71175e2
.exe windows x86

96e07feee60206a6682b9511333df644

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
SetErrorMode
lstrlenA
GetProcAddress
LoadLibraryA
GetFileAttributesA
lstrcpy
SetFileTime
CloseHandle
GetFileTime
CreateFileA
lstrcat
Sleep
LocalFree
WideCharToMultiByte
lstrlenW
GetCommandLineW
CreateMutexA
GetModuleFileNameA
GetTempPathA
GetUserDefaultLangID
TerminateProcess
OpenProcess
Process32Next
DeleteFileA
MoveFileExA
Process32First
CreateToolhelp32Snapshot
WriteFile
SetFilePointer
ReadFile
GetFileSize
ExitProcess
GetStartupInfoA
GetEnvironmentVariableA
CopyFileA
CreateMutexA
GetProcAddress
CreateThread
SetFileAttributesA
GetTempFileNameA
WinExec
InitializeCriticalSection
DeleteFileA
CreateProcessA
GetVolumeInformationA

ntdll

RtlGetLastWin32Error
RtlLeaveCriticalSection
RtlEnterCriticalSection

msvcrt

_mbsdup
malloc
strcpy
_stricmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
sscanf
exit
_XcptFilter
_exit
time
memcpy
strcmp
strrchr
labs
strcat
_except_handler3
atoi
toupper
strstr
strlen
fclose
ftell
fseek
fopen
fwrite
fputs
fread
memset
free

psapi

EnumProcessModules
GetModuleFileNameExA

shell32

CommandLineToArgvW
SHGetFolderPathA

user32

CreateWindowExA
wsprintfA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetOpenUrlA
InternetReadFile
InternetOpenA

ws2_32

recv
inet_ntoa
closesocket
WSACleanup
ioctlsocket
gethostbyname
gethostname
socket
bind
WSAStartup
__WSAFDIsSet
WSAStartup
connect
ntohs
recv
send
socket
gethostbyname
closesocket

advapi32

RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

Sections

sect_1
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96e07feee60206a6682b9511333df644

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

msvcrt

psapi

shell32

user32

version

wininet

ws2_32

advapi32

Sections

sect_1 Size: 96KB - Virtual size: 96KB

.idata Size: 4KB - Virtual size: 4KB

sect_1
Size: 96KB - Virtual size: 96KB

.idata
Size: 4KB - Virtual size: 4KB