2e4f2120f00ca9723f7359e32b3ad41375be41ac74c5f6ace55ea7cbc7b4b4e5

Sharing

Copy URL

Twitter E-mail

General

Target

2e4f2120f00ca9723f7359e32b3ad41375be41ac74c5f6ace55ea7cbc7b4b4e5
Size

291KB
MD5

0a4e2f7493cfbda4630029b1c12daa8c
SHA1

c0e4f9cc3ce0b1d14e972b673982d4aec9d8169f
SHA256

2e4f2120f00ca9723f7359e32b3ad41375be41ac74c5f6ace55ea7cbc7b4b4e5
SHA512

34c0140cec1446c3ba35461ff219b43174bc9aaa465043d041ae849be0413e5068618ff0baa134f55737dbc497863ffe457c812003cef97226f48d35d24a28d7
SSDEEP

6144:Gdt6F0Oh3hJnH3FW1sP99BJzddnGj+rgqDZh7mKeLCBJaoZOV+4THs0D:37fnXMKP97kmaGwvH

Score

N/A

Malware Config

Signatures

Files

2e4f2120f00ca9723f7359e32b3ad41375be41ac74c5f6ace55ea7cbc7b4b4e5
.exe windows x86

6a43739d96ee13bc46145825e5bd1581

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostname
getsockname
WSAEnumNameSpaceProvidersA
WSAAsyncGetProtoByNumber
WSALookupServiceBeginA
recv
WSAAsyncGetHostByName
htonl
WSALookupServiceNextW
WSAGetLastError
WSAConnect

advapi32

AccessCheckAndAuditAlarmA
LookupPrivilegeDisplayNameA
SetKernelObjectSecurity
SetThreadToken
BuildTrusteeWithNameW
RegReplaceKeyW
QueryServiceConfigW
RegSetKeySecurity
AddAccessAllowedAce
ReadEventLogW
RegEnumKeyExA
CryptImportKey
RegSetValueW
ReportEventW
RegUnLoadKeyW
RegConnectRegistryW
RegisterServiceCtrlHandlerW
CryptSetKeyParam
CreatePrivateObjectSecurity
SetSecurityInfo
GetAclInformation
SetServiceStatus
ImpersonateNamedPipeClient
RegDeleteValueA
CloseServiceHandle
RegEnumValueW
RegLoadKeyW
RegEnumKeyW
OpenServiceW

ole32

MkParseDisplayName
CoSwitchCallContext
PropVariantCopy

user32

OffsetRect
IsWindow
RegisterWindowMessageA

kernel32

GetCurrentDirectoryW
CopyFileExW
DeleteCriticalSection
VirtualAlloc
lstrlenA
CreateFileW
GetModuleHandleA
QueryDosDeviceW
FreeLibraryAndExitThread
GlobalFindAtomA
IsBadWritePtr
WriteFile
GetSystemTimeAsFileTime
LocalSize
PrepareTape
LocalFileTimeToFileTime
_lclose
GetTempPathW
SetLastError
CreateIoCompletionPort
GetTimeZoneInformation
FindFirstFileA
GetConsoleMode
WritePrivateProfileSectionA
SetCurrentDirectoryA
EnumResourceLanguagesW
GetVolumeInformationW
SetCommMask
GetThreadContext
lstrcpynA
GetCurrentProcessId
OutputDebugStringA
IsDBCSLeadByteEx
VirtualQueryEx
EnumCalendarInfoW
SetEndOfFile
ConnectNamedPipe
FindResourceExA
_lopen
CompareStringW
EndUpdateResourceA
UnmapViewOfFile
ExpandEnvironmentStringsW
MoveFileW
WritePrivateProfileStringW
lstrcmpiW
SetConsoleOutputCP
SwitchToFiber
SetConsoleWindowInfo
SetFileAttributesA
RemoveDirectoryW
GlobalReAlloc
GetHandleInformation
CreateDirectoryExA
SetErrorMode
LocalAlloc
LocalLock
SetTimeZoneInformation
GetSystemTime
FormatMessageW
SetFileTime
CreateWaitableTimerA
GetStartupInfoA
GetBinaryTypeA
OpenSemaphoreW
lstrcmpA
GetFileType
GetACP
GetEnvironmentStringsW

oleaut32

LoadTypeLibEx
SafeArrayGetElement
VariantCopy
SafeArrayPutElement
SysAllocStringLen
SysStringLen
VariantChangeType
LoadTypeLi
SysFreeString
SetErrorInfo
SafeArrayRedim

shell32

SHGetDesktopFolder
ExtractIconExW
FindExecutableW
SHGetPathFromIDListA
SHGetSpecialFolderPathA
DragFinish
SHLoadInProc

version

VerFindFileA
GetFileVersionInfoSizeA
VerQueryValueA

gdi32

GetCharWidth32A
GetLayout
GetPixel
ExtTextOutW
CombineRgn
CreateDCW
SetDIBColorTable
GetCharacterPlacementA
IntersectClipRect
CreateRoundRectRgn
GetFontData
StretchDIBits
DeleteObject
CreateSolidBrush
GetOutlineTextMetricsA

msvcrt

setbuf
_mbsicmp
_tell
_spawnlp
_wfopen
wcstok
_isatty
_mbsnbcat
fputs
isxdigit
setlocale
_mbctoupper
strcoll
localeconv
_strrev
_strtime
_cexit
abort
_mbstrlen
ftell
_mbsnbcpy
_stricoll
vswprintf
_controlfp
fclose
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
puts
fseek
fputc
_pipe
_vsnwprintf
strncmp
rewind
wprintf
mktime
strftime
iswctype
getchar
_mbslen
_mbsinc
_errno
_wsopen
vwprintf
_getdrive

Sections

uqcmmc
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

aqkei
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

egukq
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

akmagsu
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a43739d96ee13bc46145825e5bd1581

Headers

File Characteristics

Imports

ws2_32

advapi32

ole32

user32

kernel32

oleaut32

shell32

version

gdi32

msvcrt

Sections

uqcmmc Size: 195KB - Virtual size: 195KB

aqkei Size: 5KB - Virtual size: 5KB

egukq Size: 74KB - Virtual size: 74KB

akmagsu Size: 14KB - Virtual size: 14KB

uqcmmc
Size: 195KB - Virtual size: 195KB

aqkei
Size: 5KB - Virtual size: 5KB

egukq
Size: 74KB - Virtual size: 74KB

akmagsu
Size: 14KB - Virtual size: 14KB