2ceaf484244de1261c498355cbc6c4e0b7bbfdcd16b95f370923d713dbe71904

Sharing

Copy URL Twitter E-mail

General

Target

2ceaf484244de1261c498355cbc6c4e0b7bbfdcd16b95f370923d713dbe71904
Size

244KB
MD5

0a91021aabe30aafadcb1901c106da1f
SHA1

07e017e86b51673d64feadbe3619c3fdb085f0d0
SHA256

2ceaf484244de1261c498355cbc6c4e0b7bbfdcd16b95f370923d713dbe71904
SHA512

de9ca953bcc9b1283b159e621e337e4b9a3e6797230b26058c5b58729b6aa1eb2d2b02f048358c8b4ff29d58361cd0dd05d9bd42ccf877e427964d9324eb2934
SSDEEP

3072:HOZxw49PhO3WO715eYhKTZSZZlVvJ8IxvMiZehk6VPAggjwV2xW5YtL:Gw49pOmYB8NCZXJ6S7UVrC

Score

N/A

Malware Config

Signatures

Files

2ceaf484244de1261c498355cbc6c4e0b7bbfdcd16b95f370923d713dbe71904
.exe windows x86

fad75a8ae1b124c3c73a36d6e24cc7fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetFileSize
CreateFileA
MoveFileA
DeleteFileA
GetModuleFileNameA
FlushFileBuffers
WriteFile
SetFilePointer
GetSystemDirectoryA
CreateEventA
Sleep
CreateThread
GetModuleHandleA
GetCurrentProcess
ReleaseMutex
CreateMutexA
WinExec
GetCurrentDirectoryA
lstrlenA
GetSystemDefaultLangID
GetCurrentProcessId
FileTimeToSystemTime
CompareStringW
CompareStringA
SetEndOfFile
CreateFileW
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FindNextFileA
GetLogicalDriveStringsA
ResetEvent
SetEvent
FindClose
CopyFileA
lstrcpyA
lstrcatA
GetStdHandle
CreatePipe
SetStdHandle
GetStartupInfoA
CreateProcessA
ReadFile
GetLastError
WaitForSingleObject
SetFileAttributesA
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
SetEnvironmentVariableA
FreeEnvironmentStringsA
HeapSize
LoadLibraryA
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
HeapReAlloc
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetProcAddress
ExitProcess
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc

user32

DispatchMessageA
PeekMessageA
DefWindowProcA
GetMessageA
CreateWindowExA
RegisterClassA
GetSystemMetrics
wsprintfA
TranslateMessage
EnumChildWindows
keybd_event
GetWindowTextA
GetClassNameA
mouse_event
GetWindowInfo
FindWindowExA
GetCursorPos
SetTimer
KillTimer
EnumWindows
PostMessageA
SetCursorPos

gdi32

CreateDCA
CreateDIBSection
CreateCompatibleDC
SelectObject
SetStretchBltMode
BitBlt
DeleteDC
DeleteObject
GetDeviceCaps

advapi32

RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegCloseKey
RegEnumKeyExA
RegEnumValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA

shlwapi

PathFileExistsA

ws2_32

WSASetLastError
inet_ntoa
gethostbyname
gethostname
WSASocketA
connect
htons
WSAGetOverlappedResult
closesocket
WSAGetLastError
WSARecv
WSASend
setsockopt
recvfrom
sendto
bind
socket
WSAStartup

Sections

.text
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fad75a8ae1b124c3c73a36d6e24cc7fc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

ws2_32

Sections

.text Size: 204KB - Virtual size: 202KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 45KB

.text
Size: 204KB - Virtual size: 202KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 45KB