a78d033d22852262b7aa328734e5deb494a2ed5aac3ac5a4f900552aa080cf29

Sharing

Copy URL Twitter E-mail

General

Target

a78d033d22852262b7aa328734e5deb494a2ed5aac3ac5a4f900552aa080cf29
Size

46KB
MD5

d18f433de67f374f3dd2c2984ba6759b
SHA1

39232517ebf4a3d87de7a7e73459674ce27cb610
SHA256

a78d033d22852262b7aa328734e5deb494a2ed5aac3ac5a4f900552aa080cf29
SHA512

b1294168765ca7487365bcd497d215ebd317d9cd74ad4e987a8b1965b8fbbb4f08ad304453b3b7f1710440bb62def07f1251d7e15e07d61382d6b621e35be980
SSDEEP

768:cJ0t3P98qAnEUFIeTk3tXgkiX2bQtfKwhhZzcYDwQNC+fwBVSou2mC4StDMeMbv6:vt3nKEpSkSFIwPZtU0GZu2mC4rDW

Score

N/A

Malware Config

Signatures

Files

a78d033d22852262b7aa328734e5deb494a2ed5aac3ac5a4f900552aa080cf29
.exe windows x86

554126c71662cc7ad316e5bc63625d15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

NetWkstaGetInfo
NetApiBufferFree

ws2_32

listen
htons
bind
inet_addr
gethostbyname
send
inet_ntoa
setsockopt
closesocket
accept
WSACleanup
WSAStartup
ioctlsocket
socket
select
__WSAFDIsSet
recv
WSAGetLastError
connect

dbghelp

MakeSureDirectoryPathExists

psapi

GetModuleFileNameExA

kernel32

GlobalSize
GlobalUnlock
GlobalLock
GetWindowsDirectoryA
CloseHandle
SetFileTime
SystemTimeToFileTime
GetSystemTime
CreateFileA
lstrlenA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
GetModuleFileNameA
GetCommandLineA
GetLastError
CreateMutexA
GetTickCount
GetProcessTimes
GetLocalTime
GetProcessHandleCount
GetCurrentProcess
GetModuleHandleA
GetCurrentThreadId
Sleep
ExitProcess
SetErrorMode
lstrcpyA
GetSystemDirectoryA
SetLocalTime
GetVersionExA
GetComputerNameA
ReleaseMutex
WaitForSingleObject
CreateThread
FindNextFileA
ReadFile
SetFilePointer
lstrcatA
GetDriveTypeA
GetLogicalDriveStringsA
ExpandEnvironmentStringsA
InterlockedDecrement
InterlockedIncrement
lstrcpynA
QueryPerformanceCounter
HeapFree
HeapAlloc
GetProcessHeap
OutputDebugStringA
InterlockedExchangeAdd
HeapReAlloc
MulDiv
GetFileSizeEx
WriteFile
MultiByteToWideChar
CreateProcessA
OpenProcess
GlobalAlloc

user32

GetSystemMetrics
wsprintfA
PeekMessageA
DestroyWindow
RegisterRawInputDevices
UnhookWindowsHookEx
GetForegroundWindow
ToAsciiEx
GetKeyboardLayout
GetWindowThreadProcessId
GetKeyState
GetWindowRect
ClientToScreen
IsRectEmpty
GetGUIThreadInfo
CallNextHookEx
DefWindowProcA
GetCursorPos
GetRawInputData
CreateWindowExA
RegisterClassA
GetMessageA
EnumChildWindows
IsIconic
IsWindowVisible
EnumWindows
ShowWindow
MsgWaitForMultipleObjects
SendInput
SetCursorPos
SendMessageA
ExitWindowsEx
MessageBoxA
ReleaseDC
GetDC
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
TranslateMessage
DispatchMessageA
PostThreadMessageA
GetAsyncKeyState
SetWindowsHookExA

gdi32

DeleteObject
GetDIBits
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
BitBlt

advapi32

RegOpenKeyExA
LookupPrivilegeValueA
RegSetValueExA
AdjustTokenPrivileges
RegCloseKey
OpenProcessToken

shell32

ShellExecuteA
SHFileOperationA
SHGetSpecialFolderPathA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 449B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

554126c71662cc7ad316e5bc63625d15

Headers

DLL Characteristics

File Characteristics

Imports

netapi32

ws2_32

dbghelp

psapi

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: - Virtual size: 449B

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: - Virtual size: 449B

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB