fc1e3460459f6d1b94648197d79fa611d03d3c6b21bd8aa244bbc76f329608d4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc1e3460459f6d1b94648197d79fa611d03d3c6b21bd8aa244bbc76f329608d4
Size

95KB
MD5

1258bca4fe3cd6d469f1220edd5bb616
SHA1

bdd36386e0360d8a2a87d655ceb8630ffc25c615
SHA256

fc1e3460459f6d1b94648197d79fa611d03d3c6b21bd8aa244bbc76f329608d4
SHA512

9532f4b7942f161173787ff1a05f3d7b4bec77432cf8d5347fa18610d0bc0660cf9fa203b4eae520a32a436c7e21570fc7775eab31160accd1f78d1c8bf8eabe
SSDEEP

1536:x3lzsDiuOt5n2ThA3+RNexPnyAqTnfnzTCwywoKxXtllgI+ntDllgI+nt5:3szOt5n2ThWsNexPnCrnPCpw5tbgbnt2

Score

N/A

Malware Config

Signatures

Files

fc1e3460459f6d1b94648197d79fa611d03d3c6b21bd8aa244bbc76f329608d4
.exe windows x86

b455de89bab7447e17846d0353eb4e7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

bind
listen
accept
shutdown
recv
WSAStartup
socket
gethostbyname
htons
connect
send
closesocket
WSACleanup

kernel32

GetModuleHandleA
GetStartupInfoA
SetErrorMode
CreateFileMappingA
GetLastError
GetTickCount
GetLogicalDriveStringsA
GetDriveTypeA
SetFileAttributesA
GlobalAlloc
lstrlenA
lstrcpyA
lstrcatA
LoadLibraryA
GetProcAddress
SetConsoleTextAttribute
GetStdHandle
AllocConsole
FreeConsole
GetVolumeInformationA
GetTempFileNameA
GetModuleFileNameA
GetTempPathA
CreateProcessA
Sleep
CreateThread

advapi32

RegOpenKeyExA
RegQueryValueExA

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_strdup
fseek
sprintf
fclose
ftell
_unlink
fopen
toupper
printf
malloc
strlen
fread
calloc
_except_handler3
fwrite
fputs
setvbuf
_iob
_fdopen
_open_osfhandle
strcat
rand
strcpy
strstr
strrchr
strcmp
memset
strtok
free
srand
__argv
__argc
_exit
_XcptFilter
exit
_acmdln
__getmainargs

Sections

.bss
Size: - Virtual size: 47KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE