f53b8a3e3f628c4a1d0512d93a0957b1a34b3e7d436f294d6cd5953e841709ae

Sharing

Copy URL Twitter E-mail

General

Target

f53b8a3e3f628c4a1d0512d93a0957b1a34b3e7d436f294d6cd5953e841709ae
Size

40KB
MD5

0ff524ea1b48c960bf586825c56a423b
SHA1

757bf10c63ac3a268e87e2ae10c49d1b7fbbf8cb
SHA256

f53b8a3e3f628c4a1d0512d93a0957b1a34b3e7d436f294d6cd5953e841709ae
SHA512

72579c6450f18cf7c92a284f5a2e0f0c90add6e068ee59ee2fd96ed82b9e517d3d220eb83f1561a9958c334105fa555adf0c8c6bd918fc4de61fdd10eaeb47b3
SSDEEP

384:b++Ad35lt2+NT/uUxfa9/ZoJkED1fPk6oGCxOhpm56OovKtMjXZm+AWbI3QW:b+b35f2+ZTxS3kkEDRPkIpm5yBpmaI3

Score

N/A

Malware Config

Signatures

Files

f53b8a3e3f628c4a1d0512d93a0957b1a34b3e7d436f294d6cd5953e841709ae
.exe windows x86

57d25797f1b25724a0ea707abc02f131

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
GetTimeZoneInformation
GetLocalTime
GlobalAlloc
GetCurrentProcess
GetLastError
GetCurrentThread
GlobalFree
GetModuleFileNameW
WaitForMultipleObjects
SetErrorMode
Sleep
GetVersionExW
CreateFileW
CreateWaitableTimerW
CancelWaitableTimer
CreateEventW
ExitThread
GetTickCount
SizeofResource
LoadResource
FindResourceExW
GetModuleHandleW
GetTempPathW
GetCurrentThreadId
GetTempFileNameW
GetStartupInfoW
WriteFile
CreateProcessW
CloseHandle
LoadLibraryW
SetWaitableTimer
GetProcAddress
GetShortPathNameA
MoveFileA
GetFileAttributesA
CreateDirectoryA
CreateFileA
GetModuleFileNameA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
WaitForSingleObject
GetModuleHandleA
FreeLibrary
MultiByteToWideChar
GetPrivateProfileStringA
MulDiv
SetFilePointer
FindClose
FindFirstFileA
DeleteFileA

user32

GetKeyboardLayoutList
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
PostThreadMessageW
PeekMessageW
CharToOemBuffA

advapi32

GetTokenInformation
OpenProcessToken
OpenThreadToken
AllocateAndInitializeSid
EqualSid

wininet

InternetOpenW
InternetCrackUrlW
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetConnectW

iphlpapi

GetAdaptersInfo

ws2_32

inet_addr
WSACleanup
WSAStartup
gethostbyname

dnsapi

DnsRecordListFree
DnsNameCompare_W

msvcrt

swscanf
strtok
sscanf
??3@YAXPAX@Z
_controlfp
_except_handler3
__set_app_type
??2@YAPAXI@Z
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
_XcptFilter
_exit
time
_wstrtime
_wstrdate
exit
malloc
wcslen
free
swprintf
wcscmp
_beginthreadex
realloc
wcsncpy
wcscat
wcscpy
_wstat
mbstowcs
wcstombs
_c_exit
sprintf
fprintf
_iob
isdigit
islower
__getmainargs

snmpapi

SnmpUtilMemFree
SnmpUtilOidCpy

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57d25797f1b25724a0ea707abc02f131

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

iphlpapi

ws2_32

dnsapi

msvcrt

snmpapi

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB