8546a01a679e4c810ce58565f5462494b2c1beec9c5b7f3c480f9f8704a1f65c

Sharing

Copy URL

Twitter E-mail

General

Target

8546a01a679e4c810ce58565f5462494b2c1beec9c5b7f3c480f9f8704a1f65c
Size

649KB
MD5

bd650004404c81b958130660e5caafc9
SHA1

f3fe9fc760bfd7f624ac19e4be01b2c15fcabce8
SHA256

8546a01a679e4c810ce58565f5462494b2c1beec9c5b7f3c480f9f8704a1f65c
SHA512

5cd827b51195edcc063e9b93b51e7d309a59e70c3038a740500cadde5fb1cd6e645ece551c7a545d7903532c2649b533183629e1130e6ed661ce48583c25ff3a
SSDEEP

12288:MMMHMO9+nHzmc7nuXZ4qRGI5Z360W/EG28c8:m9smCuXZ4cDK0WQ8P

Score

N/A

Malware Config

Signatures

Files

8546a01a679e4c810ce58565f5462494b2c1beec9c5b7f3c480f9f8704a1f65c
.exe windows x86

c002d9cf9a7fc0e1c61458b3cc4b8e6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
gethostbyaddr
WSAStringToAddressA
WSAIsBlocking
WSAEnumProtocolsW
WSAEnumNameSpaceProvidersA
WSAGetQOSByName
getservbyname
WSADuplicateSocketA
WSAGetLastError

oleaut32

VariantCopy
LoadTypeLi
VariantChangeType
SetErrorInfo
SysStringLen

kernel32

EndUpdateResourceA
CreateNamedPipeW
SetErrorMode
GetVolumeInformationW
DeleteCriticalSection
SizeofResource
FormatMessageA
ExitProcess
VirtualAllocEx
GlobalAddAtomA
FreeLibraryAndExitThread
FindFirstFileExW
SetSystemTime
GetDriveTypeW
GetPrivateProfileStringW
SetFileAttributesA
GetConsoleCursorInfo
SetEndOfFile
VirtualProtect
OutputDebugStringW
GetLogicalDriveStringsA
ScrollConsoleScreenBufferA
SetThreadLocale
ReadConsoleOutputA
GetHandleInformation
EnumTimeFormatsW
SetThreadPriorityBoost
EnumCalendarInfoA
GetFileInformationByHandle
GetConsoleMode
GetCurrentDirectoryW
GetCommState

user32

PeekMessageW
TrackPopupMenuEx
CharLowerA
MonitorFromPoint
EnumDisplaySettingsW
MonitorFromWindow
WaitMessage
GetDlgItemTextW
InvertRect
GetNextDlgTabItem
LoadBitmapA
RemovePropW
GetActiveWindow
WindowFromPoint
OpenClipboard
SetMenuItemInfoA
RegisterClassA
TileWindows
IsCharLowerA
CopyImage
WinHelpA
GetMonitorInfoA
SendMessageCallbackW
ClientToScreen
IsCharUpperW
ChangeMenuA
EndPaint
WindowFromDC
CreateDialogParamA
ModifyMenuW
GetKeyboardType
CreateMDIWindowW

advapi32

RegOpenKeyW
RegCreateKeyW
CryptCreateHash
CryptGetUserKey
CloseServiceHandle
RevertToSelf
AddAccessDeniedAce
CryptDestroyKey
GetLengthSid
ImpersonateLoggedOnUser
AdjustTokenPrivileges
RegLoadKeyW
AllocateAndInitializeSid
SetSecurityDescriptorDacl
RegNotifyChangeKeyValue
OpenSCManagerW
OpenEventLogW

msvcrt

_fstat
_mbsupr
time
ftell
calloc
wcstok
_ultow

Sections

.text
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c002d9cf9a7fc0e1c61458b3cc4b8e6a

Headers

File Characteristics

Imports

ws2_32

oleaut32

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 306KB - Virtual size: 305KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 328KB - Virtual size: 328KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 306KB - Virtual size: 305KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 328KB - Virtual size: 328KB

.rsrc
Size: 10KB - Virtual size: 9KB