3ffba8b20d89d1582652afcf25dbfa06d5ec6a8cdc88dbf7c5c81388c994a752

Sharing

Copy URL Twitter E-mail

General

Target

3ffba8b20d89d1582652afcf25dbfa06d5ec6a8cdc88dbf7c5c81388c994a752
Size

821KB
MD5

4035e98227fc88eee65255bb77649ae0
SHA1

e7012cd26f33816611ef7ab66c9054acde549677
SHA256

3ffba8b20d89d1582652afcf25dbfa06d5ec6a8cdc88dbf7c5c81388c994a752
SHA512

79b932463ec1926736316cd913f4521377b1e01674035442fdb37cf54c55cecf75fc060bce6e44731a3eb1e2ee78452f31933b8c5c33d4f57aec8445074dd127
SSDEEP

12288:CW+Ro0xrYAlvSTXZr3kzULhF52aLRghHE1957VUOTXfqy3H99jP:4NxrNoTXZr3mUgaLRGE1D7VZXfDbP

Score

N/A

Malware Config

Signatures

Files

3ffba8b20d89d1582652afcf25dbfa06d5ec6a8cdc88dbf7c5c81388c994a752
.exe windows x86

5e525c29ee0502b69fdd060032b31aaa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

send
WSACleanup
inet_addr
ntohl
gethostname
WSAStartup
inet_ntoa
connect
closesocket
htons
ntohs
gethostbyname
recv
socket

netapi32

Netbios

wininet

HttpOpenRequestW
InternetConnectW
InternetReadFile
InternetQueryDataAvailable
InternetOpenW
InternetCloseHandle
HttpSendRequestW
HttpQueryInfoW

kernel32

LCMapStringW
LCMapStringA
TlsAlloc
TlsGetValue
GetLocaleInfoA
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InterlockedExchange
QueryPerformanceCounter
CreateDirectoryW
GetCurrentThreadId
CloseHandle
GetLastError
GetModuleFileNameW
GetTickCount
CreateMutexW
CreateFileW
FreeResource
SizeofResource
FindResourceW
LoadResource
LockResource
WriteFile
GetFileSize
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
lstrlenA
GetProcAddress
lstrlenW
GetCommandLineW
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
RaiseException
InterlockedDecrement
MoveFileW
WritePrivateProfileStringW
ReadFile
DeleteFileW
GetVersionExW
VirtualQuery
Sleep
FindClose
GetCurrentProcessId
GetCurrentProcess
LoadLibraryA
SetFileAttributesW
GetModuleHandleW
GetSystemTimeAsFileTime
GetModuleHandleA
GetProcessTimes
FindFirstFileW
QueryPerformanceFrequency
SetFilePointer
SetProcessAffinityMask
GetProcessAffinityMask
DeviceIoControl
DuplicateHandle
LoadLibraryW
FreeLibrary
CreateProcessW
CreatePipe
GetStdHandle
GetPrivateProfileIntW
CreateFileA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
RtlUnwind
GetStartupInfoW
GetProcessHeap
GetVersionExA
ExitProcess
HeapSize
HeapFree
HeapAlloc
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetStdHandle
FlushFileBuffers
TlsFree
SetLastError
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleOutputCP
WriteConsoleA
WriteConsoleW
SetEndOfFile
GetFileAttributesW
GetThreadLocale
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
TlsSetValue

user32

RegisterClassExW
DestroyWindow
SendMessageW
DestroyMenu
TrackPopupMenu
IsWindow
GetSubMenu
SetForegroundWindow
GetCursorPos
GetDesktopWindow
CharLowerW
CharNextW
CharLowerA
UpdateWindow
GetWindowLongW
SetWindowLongW
DefWindowProcW
GetMessageW
TranslateMessage
ShowWindow
DispatchMessageW
CreateWindowExW
RegisterClassW
PostMessageW
LoadImageW
GetClassInfoExW
LoadMenuW

gdi32

GetStockObject

advapi32

RegCreateKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegSetValueExW

shell32

Shell_NotifyIconW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHCreateDirectoryExA

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance
CoLoadLibrary
CoFreeLibrary

oleaut32

SysFreeString
SysAllocString
SysStringLen

shlwapi

PathFileExistsW

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 496KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e525c29ee0502b69fdd060032b31aaa

Headers

File Characteristics

Imports

ws2_32

netapi32

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 252KB - Virtual size: 251KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 496KB - Virtual size: 496KB

.text
Size: 252KB - Virtual size: 251KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 496KB - Virtual size: 496KB