bf1ce1f3c7e6d322579640ea2cdf34e1170ac5bb5b6c85016c2f02e6e9c7aa3f

Sharing

Copy URL Twitter E-mail

General

Target

bf1ce1f3c7e6d322579640ea2cdf34e1170ac5bb5b6c85016c2f02e6e9c7aa3f
Size

208KB
MD5

3b1974ac23900940f00ac64244438dff
SHA1

86cdd99b4a8fbea4c25c1024b6d91316fa068336
SHA256

bf1ce1f3c7e6d322579640ea2cdf34e1170ac5bb5b6c85016c2f02e6e9c7aa3f
SHA512

a312b66e064f74bd83810f3822a79c20e3f3d924b8893877602233f5a327c4b3e30f87b2d2df4987f80157d9b7d7566e6990ad2351b3605f49bc5dce6467d6f5
SSDEEP

3072:PcQl2vPQdjAcMffMlYl5pwqF0q6kfQMHNE+nAW95/yl:P3l2vPQicM846qmqnfhfyl

Score

N/A

Malware Config

Signatures

Files

bf1ce1f3c7e6d322579640ea2cdf34e1170ac5bb5b6c85016c2f02e6e9c7aa3f
.exe windows x86

1ba49dda75b5dcba33bbeec3c5a2a6d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
LocalFree
FormatMessageA
ExitProcess
CreateMutexA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
ReadFile
GetFileAttributesA
GetLastError
CopyFileA
GetModuleFileNameA
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetFileSize
CreateFileMappingA
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
GetSystemDirectoryA
lstrcmpiA
FreeResource
TerminateThread
CreateProcessA
FindResourceA
SizeofResource
LoadResource
LockResource
WriteFile
lstrlenA
WaitForSingleObject
GetTempPathA
WinExec
lstrcpyA
HeapAlloc
CreateThread
CloseHandle
CreateFileA
Sleep
GlobalAlloc
GlobalFree
DeviceIoControl
GetTickCount
lstrcatA
LoadLibraryA
GetProcAddress
DeleteFileA
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
HeapReAlloc
VirtualAlloc
SetFilePointer
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
TerminateProcess
LCMapStringW

user32

wsprintfA
FindWindowA
FindWindowExA
PostMessageA

advapi32

CreateServiceA
StartServiceA
RegOpenKeyA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
RegFlushKey
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegCloseKey

ws2_32

recvfrom
ntohs
inet_ntoa
ntohl
send
WSASocketA
WSAGetLastError
setsockopt
WSAIoctl
sendto
WSACleanup
WSAStartup
htonl
socket
htons
connect
closesocket
inet_addr
gethostbyname
recv
__WSAFDIsSet
select
gethostname

iphlpapi

GetNetworkParams

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ba49dda75b5dcba33bbeec3c5a2a6d0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

iphlpapi

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 25KB

.rsrc Size: 140KB - Virtual size: 136KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 25KB

.rsrc
Size: 140KB - Virtual size: 136KB