f7f2096d09ab6a0efcd205fa2e6ddb7efa9266410731d6ce32b8bad9849a9d5e

Sharing

Copy URL Twitter E-mail

General

Target

f7f2096d09ab6a0efcd205fa2e6ddb7efa9266410731d6ce32b8bad9849a9d5e
Size

270KB
MD5

264cfd38c842767154c95c3beafe5060
SHA1

99729fa1b2bdc2635e025054eb5c1fd4ca3f0e5c
SHA256

f7f2096d09ab6a0efcd205fa2e6ddb7efa9266410731d6ce32b8bad9849a9d5e
SHA512

574b6a891a5e22aed5bb5c6d0cea32a8402c81c8f4126a78ad31d74a91e35c3ea0f15688334185a581a6d49b3b64af041be0fbbd6cadc04936e1c542fd19ee56
SSDEEP

6144:MqM2QLrayL6G9ykUdKBpolZkHBPzCES7V/Lc7Czd3:MraU+k7DekhP5M/Lke3

Score

N/A

Malware Config

Signatures

Files

f7f2096d09ab6a0efcd205fa2e6ddb7efa9266410731d6ce32b8bad9849a9d5e
.exe windows x86

c510dea76f6096f5cfe2c672a3e799c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ws2_32

socket
closesocket
gethostbyname
send
gethostname
recv
ntohl
htonl
htons
ntohs
getservbyport
gethostbyaddr
WSAGetLastError
connect
WSAStartup

iphlpapi

GetTcpTable
GetUdpTable
SetTcpEntry

comctl32

CreateToolbarEx
ord17
ImageList_ReplaceIcon
ImageList_Create
ord6

psapi

GetModuleFileNameExA

kernel32

CreateEventA
GetSystemDirectoryA
DeviceIoControl
GetModuleFileNameA
DuplicateHandle
GetVersion
GetCurrentProcessId
DeleteFileA
GetLocaleInfoA
InterlockedIncrement
InterlockedDecrement
HeapFree
GlobalLock
WaitForSingleObject
SetEvent
GetTickCount
GetProcessHeap
GetNumberFormatA
FormatMessageA
GetUserDefaultLangID
InitializeCriticalSection
GlobalAlloc
LeaveCriticalSection
TerminateProcess
GlobalUnlock
EnterCriticalSection
GlobalReAlloc
ExpandEnvironmentStringsA
GetStringTypeW
GetStringTypeA
SetStdHandle
WriteConsoleW
WriteConsoleA
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RaiseException
ReadProcessMemory
FlushFileBuffers
GetStartupInfoA
GetFileType
SetHandleCount
GetStdHandle
ExitProcess
Sleep
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
WriteFile
RtlUnwind
GetCommandLineA
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateThread
ResumeThread
ExitThread
HeapAlloc
SetEndOfFile
ReadFile
OpenProcess
LocalFree
LocalAlloc
LoadLibraryA
GetCommandLineW
CloseHandle
GetModuleHandleA
LockResource
GetProcAddress
SetLastError
GetLastError
SizeofResource
GetCurrentProcess
LoadResource
FindResourceA
CreateFileA
HeapSize
lstrlenA
GetConsoleOutputCP

user32

ScreenToClient
SetTimer
CloseClipboard
DestroyWindow
GetWindowRect
PostQuitMessage
TrackPopupMenu
IsIconic
FillRect
SetCapture
KillTimer
IsZoomed
DrawTextA
GetSubMenu
DrawIconEx
LoadStringA
GetFocus
LoadMenuA
LoadIconA
InvalidateRgn
GetClientRect
CreateMenu
SetFocus
GetDC
ChildWindowFromPoint
GetMenu
SetWindowLongA
InvalidateRect
GetWindowLongA
ClientToScreen
ReleaseDC
EnableMenuItem
EmptyClipboard
DefWindowProcA
GetSysColor
SetWindowPos
GetCursorPos
ShowWindow
DrawMenuBar
PostMessageA
OpenClipboard
ReleaseCapture
GetSystemMetrics
InsertMenuA
SetClipboardData
CallWindowProcA
SetMenuItemInfoA
DialogBoxParamA
DestroyIcon
SetDlgItemTextA
CheckMenuItem
MoveWindow
MessageBoxA
SetCursor
SendMessageA
InflateRect
GetDlgItem
EndDialog
GetSysColorBrush
SetWindowTextA
DialogBoxIndirectParamA
LoadCursorA
CreateWindowExA
GetParent

gdi32

StartDocA
SetMapMode
GetDeviceCaps
SetTextColor
CreateFontIndirectA
SetBkColor
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
GetBkColor
GetTextMetricsA
GetObjectA
GetStockObject
CreateSolidBrush
EndPage
StartPage
EndDoc

comdlg32

ChooseFontA
PrintDlgA
GetSaveFileNameA

advapi32

GetTokenInformation
RegQueryValueExA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCreateKeyA
RegDeleteKeyA
RegSetValueExA
OpenProcessToken
EqualSid
AllocateAndInitializeSid
FreeSid
RegOpenKeyA
RegOpenKeyExA

shell32

ShellExecuteExA
SHGetFileInfoA
ShellExecuteA

oleaut32

VariantClear
SysAllocString
SysFreeString

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c510dea76f6096f5cfe2c672a3e799c1

Headers

DLL Characteristics

File Characteristics

Imports

version

ws2_32

iphlpapi

comctl32

psapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 15KB - Virtual size: 26KB

.rsrc Size: 98KB - Virtual size: 100KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 15KB - Virtual size: 26KB

.rsrc
Size: 98KB - Virtual size: 100KB