fe31c2747c431675c084e6f3d9c9d373aa1020e79514305e44c058231adc16b6

Sharing

Copy URL Twitter E-mail

General

Target

fe31c2747c431675c084e6f3d9c9d373aa1020e79514305e44c058231adc16b6
Size

31KB
MD5

0f8dcbdd4c3f0852f98998da3b1a24d0
SHA1

03e2d4ae716d3580fb41041d82389782c8063a2c
SHA256

fe31c2747c431675c084e6f3d9c9d373aa1020e79514305e44c058231adc16b6
SHA512

befd4edaeeefe8ee2a042e420d347862fdc9a328b1a58c75575918d64057460b97fe85c013696220f91796bce28da2e30e43105fbacc47c0bd43e97cdb20d8c8
SSDEEP

768:mKJX4TdiFJUKY7atYsdpyhuxgw5UZ51RiuiVflSw7:tW4FJUKFYsdptx5UZ51RiuiJl3

Score

N/A

Malware Config

Signatures

Files

fe31c2747c431675c084e6f3d9c9d373aa1020e79514305e44c058231adc16b6
.exe windows x86

1b1b61762c1a4cc61a0e5cc8ddaf4732

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
CloseHandle
WaitForSingleObject
FindClose
WriteFile
FindFirstFileA
ReadFile
VirtualAlloc
GetFileSize
CreateFileA
GetModuleFileNameA
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetSystemInfo
LoadResource
SizeofResource
FindResourceA
EnumResourceNamesA
EndUpdateResourceA
lstrlenA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
GlobalAlloc
GetFileAttributesA
ExitProcess
GetLastError
CreateMutexA
CopyFileA
GetModuleHandleA
GlobalMemoryStatusEx
GetSystemDefaultUILanguage
GetCurrentProcessId
ExitThread
LoadLibraryA
Sleep
GetProcAddress
GetSystemDirectoryA
lstrcatA
lstrcpyA
GetTickCount
LockResource
GetStartupInfoA

user32

wsprintfA

advapi32

OpenServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
CreateServiceA

ws2_32

select
__WSAFDIsSet
recv
send
socket
connect
gethostname
inet_ntoa
WSAStartup
WSASocketA
WSAGetLastError
setsockopt
htons
htonl
sendto
closesocket
WSACleanup
inet_addr
gethostbyname

iphlpapi

GetIfTable

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
??3@YAXPAX@Z
strncmp
exit
atoi
time
localtime
strcat
strstr
malloc
rand
sprintf
memset
printf
fprintf
_iob
memcpy
_except_handler3
_local_unwind2
strlen
??2@YAPAXI@Z
strcpy
_ftol
free

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b1b61762c1a4cc61a0e5cc8ddaf4732

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

iphlpapi

msvcrt

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 11KB - Virtual size: 11KB