81302610a9f6b611a499cf77f695a8f57ea2c9f0371251ba001250eee4306a8f

Sharing

Copy URL Twitter E-mail

General

Target

81302610a9f6b611a499cf77f695a8f57ea2c9f0371251ba001250eee4306a8f
Size

46KB
MD5

0db40e01501c18dab59a7552897361a0
SHA1

09a29199296aa9220cc83b29c959da8e6af5a5c5
SHA256

81302610a9f6b611a499cf77f695a8f57ea2c9f0371251ba001250eee4306a8f
SHA512

5ab6a9eca4b776ef79dd95396661045623b030e32a8a47435da0bb7418a1a0c514c08b5916a657939646a8443ea3002e7b4b14de361fbc9de3dcb95604b39608
SSDEEP

768:UurSYdKA/lSwzwratJeDKqjEpDZgevlqVNwgQBoTPaYH9A/q5T1rDnnGI:UYFSw8ratJe9jEp1zjgQcaYd2qtZV

Score

N/A

Malware Config

Signatures

Files

81302610a9f6b611a499cf77f695a8f57ea2c9f0371251ba001250eee4306a8f
.exe windows x86

357218b9d2cb8dd2d034d9f6e4eba936

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptBinaryToStringA

psapi

GetModuleFileNameExA
GetProcessImageFileNameA
EnumProcessModules

userenv

GetAllUsersProfileDirectoryA

iphlpapi

GetAdaptersInfo

wininet

InternetCloseHandle
InternetReadFile
InternetCrackUrlA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetSetOptionA
HttpSendRequestA
HttpQueryInfoA

ws2_32

WSACleanup
WSAStartup
closesocket
connect
gethostbyname
htons
socket

shlwapi

wnsprintfA
StrStrIA
StrStrA

kernel32

GetSystemDirectoryA
GetVolumeInformationA
WideCharToMultiByte
SystemTimeToFileTime
GetVersionExA
GetSystemInfo
GetModuleHandleA
GetProcAddress
Sleep
lstrlenA
CreateThread
lstrcatA
CopyFileA
lstrcpyA
lstrcmpiA
GetEnvironmentVariableA
HeapFree
HeapAlloc
GetProcessHeap
VirtualAlloc
OpenProcess
Process32Next
GetCurrentProcessId
CloseHandle
Process32First
CreateToolhelp32Snapshot
CreateProcessA
ResumeThread
SetThreadContext
GetThreadContext
WriteProcessMemory
TerminateProcess
VirtualAllocEx
VirtualFree
CreateRemoteThread
WaitForSingleObject
GetLastError
GetExitCodeThread
TerminateThread
lstrcpynA
ReadFile
GetFileSize
CreateFileA
CreateMutexA
GetModuleFileNameA
GetLocalTime
ExitProcess
WriteFile
GetTempFileNameA
GetTickCount
GetExitCodeProcess
ReleaseSemaphore
WaitForMultipleObjects
ResetEvent
SetEvent
CreateEventA
CreateSemaphoreA
GetCommandLineA
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcess

user32

wsprintfA
GetSystemMetrics

advapi32

CryptDecrypt
RegSetValueExA
OpenProcessToken
GetTokenInformation
CreateWellKnownSid
EqualSid
CryptCreateHash
RegOpenKeyExA
RegDeleteValueA
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegCloseKey
CryptEncrypt
CryptAcquireContextA
CryptGenKey
CryptExportKey
CryptDestroyKey
CryptImportKey
CryptReleaseContext
RegQueryValueExA

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
StringFromCLSID
CoCreateInstance

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

357218b9d2cb8dd2d034d9f6e4eba936

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

psapi

userenv

iphlpapi

wininet

ws2_32

shlwapi

kernel32

user32

advapi32

ole32

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 20KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 20KB

.reloc
Size: 1KB - Virtual size: 1KB