045882339f66cef63b2a8f99b5cc988a56574e644b4f61f20c8b7bf9d09324b1

Sharing

Copy URL Twitter E-mail

General

Target

045882339f66cef63b2a8f99b5cc988a56574e644b4f61f20c8b7bf9d09324b1
Size

798KB
MD5

200a8c81d0faa15f38f817b60cd34320
SHA1

fae5aa3302aa73984d6f154baec60f8ca202f9fb
SHA256

045882339f66cef63b2a8f99b5cc988a56574e644b4f61f20c8b7bf9d09324b1
SHA512

a5625d2a6f023066c32271343fb730d548d43baeb7a0f542adf11c2a3dc563c80bb410e33a74de59a008c76819d4c3082bd445fa52fa18356a48c08711ad84fe
SSDEEP

12288:brH7lGqK5r2MPp0fp+55K/mLfxYlRhRCTs1GguN1uBhScGC8Y2G5caCmqO9Gwh1m:brh1FMPp0x/COGguN1ua2ca2Mp8TnnRf

Score

N/A

Malware Config

Signatures

Files

045882339f66cef63b2a8f99b5cc988a56574e644b4f61f20c8b7bf9d09324b1
.exe windows x86

9b28bf2040524d21c164197ae8c3474a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

listen
accept
ioctlsocket
gethostname
WSACleanup
WSAStartup
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
recv
send
WSAIoctl
setsockopt
getsockname
ntohs
bind
htons
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
socket
closesocket
getpeername
getsockopt

wldap32

ord46
ord41
ord27
ord301
ord33
ord200
ord79
ord35
ord32
ord30
ord26
ord50
ord60
ord143
ord211
ord22

kernel32

GetConsoleMode
GetConsoleCP
UnhandledExceptionFilter
GetStartupInfoW
RtlUnwind
DecodePointer
EncodePointer
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
RaiseException
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
GetLastError
MultiByteToWideChar
lstrlenA
LockResource
LoadResource
FindResourceW
InterlockedDecrement
lstrlenW
GetProcAddress
GetModuleHandleW
SetLastError
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CreateMutexW
CloseHandle
FreeConsole
AllocConsole
lstrcmpiW
FreeLibrary
SizeofResource
LoadLibraryExW
GetModuleFileNameW
Sleep
GetCommandLineW
WideCharToMultiByte
GetCurrentProcessId
GetTickCount
WaitForSingleObject
ReleaseMutex
DeleteFileW
CreateProcessW
SetFilePointer
CreateFileW
WriteFile
OutputDebugStringA
FormatMessageA
InterlockedExchangeAdd
FileTimeToSystemTime
FileTimeToLocalFileTime
MoveFileExW
GetFileAttributesW
GetFileAttributesExW
RemoveDirectoryW
CreateDirectoryW
FindClose
GetTempPathW
GetCurrentDirectoryW
ExitProcess
ReadFile
SetUnhandledExceptionFilter
InterlockedCompareExchange
LocalFree
GetExitCodeProcess
HeapSetInformation
GetModuleHandleExA
TerminateProcess
GetStdHandle
GetSystemTimeAsFileTime
SetEvent
CreateEventW
WaitForMultipleObjects
TlsGetValue
TlsFree
TlsSetValue
TlsAlloc
CreateThread
IsDebuggerPresent
QueryPerformanceCounter
QueryPerformanceFrequency
GetNativeSystemInfo
GetVersionExW
SetEndOfFile
FlushFileBuffers
GetFileInformationByHandle
GetSystemDirectoryW
GetWindowsDirectoryW
InterlockedExchange
GetQueuedCompletionStatus
CreateIoCompletionPort
PostQueuedCompletionStatus
InitializeCriticalSection
SleepEx
VerifyVersionInfoA
VerSetConditionMask
PeekNamedPipe
GetFileType
LoadLibraryA
HeapReAlloc
CreateFileA
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
ExitThread
GetDriveTypeA
FindFirstFileExA
LCMapStringW
GetCPInfo
GetLocaleInfoW
HeapCreate
HeapSize
GetFileAttributesA
SetHandleCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
WriteConsoleW
SetStdHandle
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryW
GetStringTypeW
GetFullPathNameA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateProcessA
GetDriveTypeW
CompareStringW
SetEnvironmentVariableA
ExpandEnvironmentStringsA

user32

RegisterWindowMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
CharNextW
CreateDialogParamW
MessageBoxW
CallMsgFilterW
GetQueueStatus
WaitMessage
MsgWaitForMultipleObjectsEx
UnregisterClassW
GetSubMenu
CallWindowProcW
DestroyIcon
DefWindowProcW
LoadMenuW
LoadCursorW
GetClassInfoExW
IsWindow
KillTimer
SetTimer
CreateWindowExW
SetMenuDefaultItem
GetMenuDefaultItem
IsMenu
MessageBoxA
GetActiveWindow
GetSystemMetrics
DialogBoxParamW
EndDialog
SendDlgItemMessageW
PostQuitMessage
LoadImageW
DestroyMenu
DestroyWindow
EnableMenuItem
GetParent
GetWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
GetClientRect
MapWindowPoints
RegisterClassExW
GetCursorPos
SetForegroundWindow
TrackPopupMenu
PostMessageW
SetWindowLongW
GetWindowLongW
SendMessageW
GetSystemMenu
ShowWindow
IsWindowVisible
SetDlgItemTextW
SetWindowPos
IsDialogMessageW
GetDlgItem
UnregisterClassA

advapi32

RegCreateKeyExW
RegOpenKeyExW
CryptGetHashParam
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
CryptCreateHash
CryptAcquireContextA
CryptHashData
CryptReleaseContext
CryptDestroyHash

shell32

SHGetFolderPathW
CommandLineToArgvW
SHFileOperationW
Shell_NotifyIconW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

Sections

.text
Size: 499KB - Virtual size: 498KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9b28bf2040524d21c164197ae8c3474a

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

wldap32

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

winmm

Sections

.text Size: 499KB - Virtual size: 498KB

.rdata Size: 91KB - Virtual size: 90KB

.data Size: 9KB - Virtual size: 21KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 97KB - Virtual size: 97KB

.reloc Size: 95KB - Virtual size: 96KB

.text
Size: 499KB - Virtual size: 498KB

.rdata
Size: 91KB - Virtual size: 90KB

.data
Size: 9KB - Virtual size: 21KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 97KB - Virtual size: 97KB

.reloc
Size: 95KB - Virtual size: 96KB