c896e1ef2206ec727613187023071d76f48990e84de9b813f503e2401fc73516

Sharing

Copy URL Twitter E-mail

General

Target

c896e1ef2206ec727613187023071d76f48990e84de9b813f503e2401fc73516
Size

675KB
MD5

316b2373fd798079977586ee5af89ef0
SHA1

1f356a5be823342407b41f1f89f80722373cb0c2
SHA256

c896e1ef2206ec727613187023071d76f48990e84de9b813f503e2401fc73516
SHA512

2622c045668bbf4c9bdd82e3e07a27ea5d653d7e6ae0974e18c83328e40bc49636943e3fc63d22d27a1b6730e477b88f20e2e19b310573bafbeb1f983339618e
SSDEEP

12288:607qkYH7P5dIbzMb1KbgCL1WlZ7d5SohT4Kthuklk:6sqkYXIh0UOl/S4MsEW

Score

N/A

Malware Config

Signatures

Files

c896e1ef2206ec727613187023071d76f48990e84de9b813f503e2401fc73516
.exe windows x86

1534d429fd817082bd0168008018cfa9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSACleanup
WSAStartup

cabinet

ord11
ord14
ord10

gpedit

ImportRSoPData
BrowseForGPO
DeleteGPOLink
CreateGPOLink

kernel32

GetModuleFileNameA
CreateFileA
CloseHandle
VirtualProtect
EnterCriticalSection
InitializeCriticalSection
SetTapeParameters
TlsGetValue
OpenMutexA
RemoveDirectoryA
TlsAlloc
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetProcAddress
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1534d429fd817082bd0168008018cfa9

Headers

File Characteristics

Imports

ws2_32

cabinet

gpedit

kernel32

Sections

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 240KB - Virtual size: 282KB

.rsrc Size: 252KB - Virtual size: 252KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 240KB - Virtual size: 282KB

.rsrc
Size: 252KB - Virtual size: 252KB

.reloc
Size: 5KB - Virtual size: 5KB