1b17002db272043137c2b5843101ec628cf633631104282ebad617636eb5f318

General

Target

1b17002db272043137c2b5843101ec628cf633631104282ebad617636eb5f318
Size

72KB
MD5

10ef45dc9e580d8ab3251cfb35160a70
SHA1

1b8c125c807b7fbfd04c1ab048764dc47d6fe00e
SHA256

1b17002db272043137c2b5843101ec628cf633631104282ebad617636eb5f318
SHA512

56e7f4119f2dec0e5f9734fdc0cee7e5499e3bbd70af7a1251031aa1b84449778ff38892a77f150865457c9292d2af0a4b9170dcabdab8baaf3deb3041d5778c
SSDEEP

1536:OL9EbL0SIARHFCGrDbc/axJzvgDsV2X0yr:OL9EbwSnEZwvgDf0yr

Score

N/A

Malware Config

Signatures

Files

1b17002db272043137c2b5843101ec628cf633631104282ebad617636eb5f318
.exe windows x86

1ac4feaffeb09ab14bdcf060123c7b8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleFileNameA
GetModuleHandleA
ExitThread
CreateThread
GetTickCount
CreateMutexA
GetLastError
Sleep
CloseHandle
FlushFileBuffers
HeapSize
SetStdHandle
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetSystemInfo
VirtualProtect
VirtualQuery
InterlockedExchange
HeapReAlloc
VirtualAlloc
GetStartupInfoA
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
GetLocaleInfoA
RtlUnwind
GetACP
GetOEMCP
SetFilePointer
LoadLibraryA
InitializeCriticalSection

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

ws2_32

bind
listen
accept
WSACleanup
inet_addr
recv
setsockopt
gethostbyname
socket
htons
connect
send
select
__WSAFDIsSet
WSAStartup
closesocket

Sections

.CryptX
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1ac4feaffeb09ab14bdcf060123c7b8c

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

Sections

.CryptX Size: 68KB - Virtual size: 68KB

.CryptX
Size: 68KB - Virtual size: 68KB