5d0fcd2376a016c0738ca8bff1ba49515af02969c4c335f240102a8d730722d4

Sharing

Copy URL Twitter E-mail

General

Target

5d0fcd2376a016c0738ca8bff1ba49515af02969c4c335f240102a8d730722d4
Size

11KB
MD5

43ace2596e38e2c902fcc4b98701ebfa
SHA1

702c9eaebbf59410b443e858a702fe35ddb5bd37
SHA256

5d0fcd2376a016c0738ca8bff1ba49515af02969c4c335f240102a8d730722d4
SHA512

d792878f8396854060defae73d586517775b04ac9b6fd16cd6d7b16f3f91eb9d81130f7c49cbfa0a42d9615fae288e35e8626774d58fb247a6e91540144c0a3f
SSDEEP

192:nZWIMlPSyrfi1NhBYc1NH1P1VTrCStV23yzCzUKgi1F7nO9XXCAox+n:ZWIM3w1NH5rC4kCzCzb7OlCXc

Score

N/A

Malware Config

Signatures

Files

5d0fcd2376a016c0738ca8bff1ba49515af02969c4c335f240102a8d730722d4
.exe windows x86

f9c6feabc25218dcece1bfc134609252

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

Sleep
Process32First
GetFileSize
GlobalAlloc
WritePrivateProfileStringA
GetProcAddress
lstrcatA
VirtualProtect
GetCurrentProcessId
ReadFile
CloseHandle
WriteFile
lstrcmpiA
ExitProcess
lstrcpyA
GetModuleHandleA
GetModuleFileNameA
lstrlenA
CreateToolhelp32Snapshot
SetFilePointer
CopyFileA
GetVersion
CreateFileA
GetSystemDirectoryA
FlushFileBuffers
LoadLibraryA
CreateThread
Process32Next

user32

DispatchMessageA
DefWindowProcA
CreateWindowExA
CallNextHookEx
BringWindowToTop
BeginPaint
SetTimer
ShowWindow
UpdateWindow
TranslateMessage
ReleaseDC
PostQuitMessage
GetMessageA
GetDC
SetWindowsHookExA
GetWindowLongA
SendMessageA
RegisterClassExA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
GetWindowTextA
MessageBoxA
GetParent
GetFocus
PostMessageA
GetClassNameA
FindWindowA
EnumChildWindows
EndPaint

rasapi32

RasEnumConnectionsA

advapi32

RegSetValueExA
RegCreateKeyA
RegCloseKey

wsock32

socket
send
recv
listen
gethostname
gethostbyname
connect
closesocket
bind
accept
WSAStartup
WSAGetLastError
WSACleanup
WSAAsyncSelect

shell32

ShellExecuteA

gdi32

TextOutA
SetTextColor
SelectObject
GetObjectA
DeleteObject
DeleteDC
CreateDIBitmap
CreateCompatibleDC
BitBlt

Sections

CODE
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9c6feabc25218dcece1bfc134609252

Headers

File Characteristics

Imports

kernel32

user32

rasapi32

advapi32

wsock32

shell32

gdi32

Sections

CODE Size: 5KB - Virtual size: 8KB

DATA Size: 2KB - Virtual size: 48KB

.idata Size: 2KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

CODE
Size: 5KB - Virtual size: 8KB

DATA
Size: 2KB - Virtual size: 48KB

.idata
Size: 2KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB