8943a25b17780a266cd8850798af9795cc965dbf4f039d1b5115217b4cd82350

Sharing

Copy URL

Twitter E-mail

General

Target

8943a25b17780a266cd8850798af9795cc965dbf4f039d1b5115217b4cd82350
Size

649KB
MD5

a8b7800a3917ce1cb5b66c40decd4020
SHA1

9302a2fb6ce57b0e68253fe6f072ec6ff2e5bab5
SHA256

8943a25b17780a266cd8850798af9795cc965dbf4f039d1b5115217b4cd82350
SHA512

5e82d02ce1204787ee01bd190d9e3c2b2fc235c2e3dfeaf3184387ab3f7a099963209f73ec07e787e3933910b416e257a090eaea20b683794fcc904f10cbfa38
SSDEEP

12288:MMMHMO9+nHzmc7nuXZ4qRGI5Z360W/EG28co:m9smCuXZ4cDK0WQ8X

Score

N/A

Malware Config

Signatures

Files

8943a25b17780a266cd8850798af9795cc965dbf4f039d1b5115217b4cd82350
.exe windows x86

c002d9cf9a7fc0e1c61458b3cc4b8e6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
gethostbyaddr
WSAStringToAddressA
WSAIsBlocking
WSAEnumProtocolsW
WSAEnumNameSpaceProvidersA
WSAGetQOSByName
getservbyname
WSADuplicateSocketA
WSAGetLastError

oleaut32

VariantCopy
LoadTypeLi
VariantChangeType
SetErrorInfo
SysStringLen

kernel32

EndUpdateResourceA
CreateNamedPipeW
SetErrorMode
GetVolumeInformationW
DeleteCriticalSection
SizeofResource
FormatMessageA
ExitProcess
VirtualAllocEx
GlobalAddAtomA
FreeLibraryAndExitThread
FindFirstFileExW
SetSystemTime
GetDriveTypeW
GetPrivateProfileStringW
SetFileAttributesA
GetConsoleCursorInfo
SetEndOfFile
VirtualProtect
OutputDebugStringW
GetLogicalDriveStringsA
ScrollConsoleScreenBufferA
SetThreadLocale
ReadConsoleOutputA
GetHandleInformation
EnumTimeFormatsW
SetThreadPriorityBoost
EnumCalendarInfoA
GetFileInformationByHandle
GetConsoleMode
GetCurrentDirectoryW
GetCommState

user32

PeekMessageW
TrackPopupMenuEx
CharLowerA
MonitorFromPoint
EnumDisplaySettingsW
MonitorFromWindow
WaitMessage
GetDlgItemTextW
InvertRect
GetNextDlgTabItem
LoadBitmapA
RemovePropW
GetActiveWindow
WindowFromPoint
OpenClipboard
SetMenuItemInfoA
RegisterClassA
TileWindows
IsCharLowerA
CopyImage
WinHelpA
GetMonitorInfoA
SendMessageCallbackW
ClientToScreen
IsCharUpperW
ChangeMenuA
EndPaint
WindowFromDC
CreateDialogParamA
ModifyMenuW
GetKeyboardType
CreateMDIWindowW

advapi32

RegOpenKeyW
RegCreateKeyW
CryptCreateHash
CryptGetUserKey
CloseServiceHandle
RevertToSelf
AddAccessDeniedAce
CryptDestroyKey
GetLengthSid
ImpersonateLoggedOnUser
AdjustTokenPrivileges
RegLoadKeyW
AllocateAndInitializeSid
SetSecurityDescriptorDacl
RegNotifyChangeKeyValue
OpenSCManagerW
OpenEventLogW

msvcrt

_fstat
_mbsupr
time
ftell
calloc
wcstok
_ultow

Sections

.text
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c002d9cf9a7fc0e1c61458b3cc4b8e6a

Headers

File Characteristics

Imports

ws2_32

oleaut32

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 306KB - Virtual size: 305KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 328KB - Virtual size: 328KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 306KB - Virtual size: 305KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 328KB - Virtual size: 328KB

.rsrc
Size: 10KB - Virtual size: 9KB