a9b9ff12c3b6e3fcc8f3b72e4e08de5e79ef5fbfa8cd300a71048cb0671260b0

Sharing

Copy URL Twitter E-mail

General

Target

a9b9ff12c3b6e3fcc8f3b72e4e08de5e79ef5fbfa8cd300a71048cb0671260b0
Size

100KB
MD5

048a97714f85e0cbeaadc3244e3a7760
SHA1

088d2fa689262030707463592640075ab8e2a85a
SHA256

a9b9ff12c3b6e3fcc8f3b72e4e08de5e79ef5fbfa8cd300a71048cb0671260b0
SHA512

3449395857edd37b47d5a0b0fd3b884cae0fa96a386b9b48583b5d2cea066f483dbe108644149575d16373602aa44e72c686c25af7a86c61e09066eae026e9e8
SSDEEP

1536:D0CLwLHt6klqtAqoJyHzmn4PmdftL7aGEN1kyO:LL66+qtAqoJyHzmncmfBGk1

Score

N/A

Malware Config

Signatures

Files

a9b9ff12c3b6e3fcc8f3b72e4e08de5e79ef5fbfa8cd300a71048cb0671260b0
.exe windows x86

7ff5acdd982f75debaeb38f98e4b66f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
OpenMutexA
WinExec
GetTempPathA
WaitForSingleObject
GetLastError
CreateMutexA
GetCurrentThreadId
GlobalMemoryStatusEx
GetSystemInfo
GetModuleFileNameA
GetVersionExA
GetSystemDefaultUILanguage
ExitThread
GetSystemDirectoryA
GetTickCount
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetShortPathNameA
GetEnvironmentVariableA
lstrcatA
SetPriorityClass
GetCurrentThread
SetThreadPriority
GetCurrentProcess
CloseHandle
CreateThread
Sleep
HeapFree
LoadLibraryA
lstrcpyA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
CreateProcessA
SetFilePointer
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
RtlUnwind
HeapReAlloc
HeapAlloc
RaiseException
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte

user32

wsprintfA
ExitWindowsEx
MessageBoxA
GetMessageA
PostThreadMessageA
GetInputState
GetDesktopWindow

advapi32

RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA

shell32

ShellExecuteA
SHChangeNotify
ShellExecuteExA

ws2_32

select
closesocket
WSAStartup
connect
socket
htons
WSAIoctl
setsockopt
recv
send
__WSAFDIsSet
gethostbyname
inet_addr
sendto
WSASocketA
htonl

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ff5acdd982f75debaeb38f98e4b66f7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 4KB