e40fceefc7fe490397cce5da7ae52ac5cfb6d4e298d0d3a36c6590dcffbb71ca

Sharing

Copy URL Twitter E-mail

General

Target

e40fceefc7fe490397cce5da7ae52ac5cfb6d4e298d0d3a36c6590dcffbb71ca
Size

148KB
MD5

04394131735c8cd49677fdb7ef1eb04d
SHA1

02e9aa23c8a25cff723eb60999d009b4856e4591
SHA256

e40fceefc7fe490397cce5da7ae52ac5cfb6d4e298d0d3a36c6590dcffbb71ca
SHA512

ddf2e01c0bfaaa0602ae9b4803da795cb125cd26d3c2cd1cc1fdcf6f868203001f9e5d85dfabc3791eef242ad68efea817eec7a6b9da34fcd0248efe34853e0b
SSDEEP

3072:TuLhSQIJsRFdPqhyiJKDc50rxFhAYlbzaeZ/Ate:khS18Rr/DE4FhAYlbzBZ/

Score

N/A

Malware Config

Signatures

Files

e40fceefc7fe490397cce5da7ae52ac5cfb6d4e298d0d3a36c6590dcffbb71ca
.exe windows x86

7ec74c3a1f909a06e04f436a1948f2ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetLocalTime
GetCurrentProcessId
CreateProcessA
InitializeCriticalSection
lstrcpyA
DeleteFileA
lstrcatA
lstrcmpiA
LocalFree
LocalSize
LocalAlloc
lstrlenA
TerminateProcess
OpenProcess
LocalReAlloc
GetVersionExA
GetCurrentThreadId
GetSystemInfo
CancelIo
SetErrorMode
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
LCMapStringW
LCMapStringA
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
GetExitCodeProcess
GetStringTypeW
GetStringTypeA
InterlockedExchange
SetEvent
ResetEvent
GetLastError
WaitForSingleObject
CloseHandle
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
Sleep
VirtualFree
DeleteCriticalSection
FreeLibrary
LoadLibraryA
GetComputerNameA
GetProcAddress
MultiByteToWideChar
SetFilePointer
InterlockedIncrement
InterlockedDecrement
IsBadCodePtr
IsBadReadPtr
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetFileAttributesA
UnhandledExceptionFilter
GetCurrentProcess
IsBadWritePtr
HeapReAlloc
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetModuleFileNameA
SetUnhandledExceptionFilter
RtlUnwind
RaiseException
HeapAlloc
HeapFree
CreateThread
TlsSetValue
TlsGetValue
ExitThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TlsAlloc
SetLastError

user32

MessageBoxA
DestroyCursor
GetCursorInfo
ExitWindowsEx
GetWindowThreadProcessId
IsWindowVisible
CloseDesktop
SetThreadDesktop
GetWindowTextA
GetUserObjectInformationA
GetThreadDesktop
OpenDesktopA
PostMessageA
SendMessageA
IsWindow
wsprintfA
OpenInputDesktop
LoadCursorA
GetSystemMetrics

advapi32

OpenSCManagerA
DeleteService
CloseServiceHandle
RegCreateKeyExA
RegSetValueExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

shell32

SHGetSpecialFolderPathA

ws2_32

WSACleanup
htons
setsockopt
gethostbyname
socket
recv
select
closesocket
send
inet_addr
connect
sendto
WSASocketA
htonl
inet_ntoa
getsockname
bind
recvfrom
__WSAFDIsSet
WSAIoctl
WSAStartup

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ec74c3a1f909a06e04f436a1948f2ae

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

Sections

.text Size: 145KB - Virtual size: 145KB

.rsrc Size: 1KB - Virtual size: 4KB

.text
Size: 145KB - Virtual size: 145KB

.rsrc
Size: 1KB - Virtual size: 4KB