fe7eb75326c685c7bec213e8832c35a6b659047691d38332d29343c0023b3110

Sharing

Copy URL Twitter E-mail

General

Target

fe7eb75326c685c7bec213e8832c35a6b659047691d38332d29343c0023b3110
Size

877KB
MD5

533e8a0b7154e27eefb87ed8f4246280
SHA1

f964e81f699a53b186c8bb38db7189f5f757af75
SHA256

fe7eb75326c685c7bec213e8832c35a6b659047691d38332d29343c0023b3110
SHA512

96ad9d7cc815bfae63018c3588f0ef594dab6090edfbf5f9d088a8f7b91e94666e76ecd7a123eb429aea5a9c5ecfa4d08fd0de418529c5fab8fdc3ce27f75918
SSDEEP

24576:J68halBUDdJJPd9XC2U/TeBjH8r6NRsDyoRIWC+KDHEccFlke:J68MlBUDdJJPGiF8IroOB+by

Score

N/A

Malware Config

Signatures

Files

fe7eb75326c685c7bec213e8832c35a6b659047691d38332d29343c0023b3110
.exe windows x86

656cf646d901d1f60f197f72e9abdfb1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMenu
LookupIconIdFromDirectoryEx
MapVirtualKeyW
GetCaretBlinkTime
IMPSetIMEW
wvsprintfW
CharLowerBuffW
ExcludeUpdateRgn
ScreenToClient
SendNotifyMessageA
InvalidateRect
MsgWaitForMultipleObjects
SetThreadDesktop
SystemParametersInfoW

duser

PeekMessageExA
DUserGetRectPRID
GetStdColorBrushF
DUserGetAlphaPRID
GetStdColorF
CreateAction
GetActionTimeslice
GetGadgetCenterPoint
DllMain
GetGadgetBufferInfo
DetachWndProc
DUserPostEvent
AddGadgetMessageHandler
RemoveGadgetProperty
SetGadgetFocus
GetGadgetRotation
FindGadgetFromPoint
DUserInstanceOf
BuildDropTarget
UnregisterGadgetMessageString
DUserBuildGadget
DUserStopAnimation
InvalidateGadget

ole32

StgIsStorageFile
CreateFileMoniker
FreePropVariantArray
CoFreeAllLibraries
MonikerCommonPrefixWith
CoRegisterMessageFilter
CoGetCallContext
HGLOBAL_UserMarshal
OleNoteObjectVisible
StgOpenStorageEx
StgConvertPropertyToVariant
HGLOBAL_UserUnmarshal

kernel32

SetTimerQueueTimer
SetVolumeMountPointW
CreateNamedPipeW
CompareStringA
LoadLibraryA
GetCurrentProcessId
GetBinaryTypeW
RegisterConsoleOS2
GetCPInfo
TlsAlloc
GetLocaleInfoA
FlushViewOfFile
SetSystemTimeAdjustment
CreateWaitableTimerW
GetFileAttributesA

iphlpapi

GetAdaptersAddresses
_PfUnBindInterface@4
InternalGetIfTable
GetIpStatisticsEx
GetTcpStatistics
GetIpForwardTable
SetIpStatistics
Icmp6ParseReplies
RestoreMediaSense
InternalSetIpStats
InternalCreateIpForwardEntry
InternalGetIpForwardTable
InternalSetTcpEntry
_PfRemoveFilterHandles@12
_PfMakeLog@4
_PfTestPacket@20
GetInterfaceInfo
_PfAddGlobalFilterToInterface@8
InternalSetIfEntry
GetNumberOfInterfaces
do_echo_rep

wsock32

getsockname
ntohl
bind
WSAGetLastError
MigrateWinsockConfiguration
shutdown
getprotobyname
WSARecvEx
ntohs
sendto
AcceptEx
GetTypeByNameW
SetServiceW
htons
GetNameByTypeW

Sections

.text
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 199KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

656cf646d901d1f60f197f72e9abdfb1

Headers

DLL Characteristics

File Characteristics

Imports

user32

duser

ole32

kernel32

iphlpapi

wsock32

Sections

.text Size: 368KB - Virtual size: 367KB

.rdata Size: 161KB - Virtual size: 160KB

.data Size: 199KB - Virtual size: 1.6MB

.rsrc Size: 147KB - Virtual size: 146KB

.reloc Size: 1024B - Virtual size: 972B

.text
Size: 368KB - Virtual size: 367KB

.rdata
Size: 161KB - Virtual size: 160KB

.data
Size: 199KB - Virtual size: 1.6MB

.rsrc
Size: 147KB - Virtual size: 146KB

.reloc
Size: 1024B - Virtual size: 972B