fe5c8b4dcf349968e735ce6b71f35720f29ef866b74c9f2fd7cceb490ad33d4c

Sharing

Copy URL Twitter E-mail

General

Target

fe5c8b4dcf349968e735ce6b71f35720f29ef866b74c9f2fd7cceb490ad33d4c
Size

1.5MB
MD5

1143f25ed312771b0bc471e571147e20
SHA1

621da04ce13a10f6e7e8b2fe9816256145d6a4e5
SHA256

fe5c8b4dcf349968e735ce6b71f35720f29ef866b74c9f2fd7cceb490ad33d4c
SHA512

805c20d2fcc194af107d22839d76dbb759d4c2d38c6d8e3d5e03ccee972a7b3f6c78ce120e5d3adba226da2752448e4f1628cc313406eb39897af1a6e6e55d80
SSDEEP

49152:yUEO7UcUx857ZCdGv+NOdTa0hGZTIelHNHFQt8J8:tUcxZjcFVG

Score

N/A

Malware Config

Signatures

Files

fe5c8b4dcf349968e735ce6b71f35720f29ef866b74c9f2fd7cceb490ad33d4c
.exe windows x86

a34d4d8bfc1e4701e58264046c9b3cdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
FindWindowW
PostMessageW
SendMessageTimeoutW
SendMessageW

version

GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueW

advapi32

GetUserNameA
RegQueryValueExA
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorA
InitializeSecurityDescriptor
SetNamedSecurityInfoA
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegQueryInfoKeyW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW

ws2_32

htons
ntohs
select
getaddrinfo
WSCEnumProtocols
send
recv
WSASocketW
socket
sendto
recvfrom
__WSAFDIsSet
gethostname
WSASend
ioctlsocket
WSASetLastError
closesocket
WSAGetLastError
setsockopt
WSACleanup
WSAStartup
accept
htonl
listen
WSARecv
bind
WSAStringToAddressA
getpeername
connect
getsockopt
freeaddrinfo
shutdown
ntohl
getsockname

kernel32

PeekNamedPipe
GetVersionExW
ReadFile
GetFileSize
SetFilePointer
GetTimeZoneInformation
GetLocaleInfoA
GetUserDefaultLCID
GetDriveTypeA
GetFullPathNameA
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
GetStartupInfoA
GetFileType
SetHandleCount
GetWindowsDirectoryW
FreeLibrary
GetCurrentProcess
GetCurrentThreadId
OpenProcess
SetWaitableTimer
WaitForSingleObject
SetEvent
LeaveCriticalSection
GetProcAddress
InterlockedExchange
CloseHandle
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetLastError
Process32NextW
CreateToolhelp32Snapshot
Module32FirstW
InterlockedIncrement
EnterCriticalSection
PostQueuedCompletionStatus
CreateEventW
SleepEx
TlsFree
InterlockedDecrement
CreateWaitableTimerW
LoadLibraryW
Process32FirstW
TlsAlloc
TerminateProcess
InterlockedExchangeAdd
CreateEventA
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleW
Sleep
GetDriveTypeW
GetDiskFreeSpaceExW
CreateProcessW
FindFirstFileA
AllocConsole
FindClose
SetConsoleOutputCP
FileTimeToLocalFileTime
GetModuleFileNameW
GetACP
FileTimeToSystemTime
FreeConsole
CopyFileW
GetTickCount
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
GetQueuedCompletionStatus
SetLastError
HeapAlloc
GetProcessHeap
HeapFree
TlsSetValue
CreateIoCompletionPort
TlsGetValue
DeleteCriticalSection
QueueUserAPC
TerminateThread
OpenMutexW
CreateMutexW
GlobalFree
GlobalAlloc
QueryPerformanceFrequency
ReleaseMutex
GetCurrentProcessId
CreateFileA
SetUnhandledExceptionFilter
GetLocalTime
GetCurrentThread
InitializeCriticalSection
VirtualQuery
GetVersionExA
VirtualProtect
WriteProcessMemory
GlobalMemoryStatus
GlobalMemoryStatusEx
GetLogicalDriveStringsW
GetCommandLineW
GetSystemDefaultLCID
GetThreadContext
GetEnvironmentVariableA
GetFileAttributesW
SuspendThread
ResumeThread
GetModuleFileNameA
GetCurrentDirectoryA
ReadProcessMemory
GetEnvironmentVariableW
CreateFileMappingA
OpenFileMappingA
LocalFree
MapViewOfFile
OutputDebugStringA
ResetEvent
OpenEventA
SystemTimeToFileTime
FormatMessageA
ReleaseSemaphore
CreateWaitableTimerA
SetEndOfFile
CreateFileW
RemoveDirectoryW
DeleteFileW
DeviceIoControl
FindFirstFileW
FindNextFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFileInformationByHandle
CreateDirectoryW
GetModuleHandleA
AreFileApisANSI
ExitThread
CreateThread
ExitProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
SetEnvironmentVariableW
MoveFileW
HeapReAlloc
GetTimeFormatA
GetDateFormatA
LCMapStringA
LCMapStringW
RaiseException
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
HeapSize
WriteFile
GetStdHandle
LoadLibraryA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
WriteConsoleA

wininet

HttpSendRequestW
HttpOpenRequestW
InternetConnectW
HttpQueryInfoW
InternetSetOptionW
InternetOpenW
InternetSetFilePointer
InternetReadFile
InternetCloseHandle
InternetTimeToSystemTimeA
HttpQueryInfoA

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 31KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 258KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a34d4d8bfc1e4701e58264046c9b3cdc

Headers

File Characteristics

Imports

user32

version

advapi32

shell32

ws2_32

kernel32

wininet

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 206KB - Virtual size: 206KB

.data Size: 31KB - Virtual size: 46KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 258KB - Virtual size: 260KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 206KB - Virtual size: 206KB

.data
Size: 31KB - Virtual size: 46KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 258KB - Virtual size: 260KB