53d1048b2ea39888ecc4658d890a221b98be37542843d0d3a94a7a8b58778cf6

Sharing

Copy URL Twitter E-mail

General

Target

53d1048b2ea39888ecc4658d890a221b98be37542843d0d3a94a7a8b58778cf6
Size

40KB
MD5

a127bde086fbea9be38914bd28fb8ba0
SHA1

c8fc5ff6d630aff1f12848a312c5c05c8ed628a8
SHA256

53d1048b2ea39888ecc4658d890a221b98be37542843d0d3a94a7a8b58778cf6
SHA512

510dc10f9d864d5f6cb8966da2b08cc582f9627a81f6e3a1b85d791120e91eec416c5d2dd8dfc47e8618b1fe4bff99e020753845cf1f1e6545530308c2307328
SSDEEP

768:f8FwwzzzOuYzzze6XWQCDAlo+6LwprfiRdvlZAuSRfirwNdA:EFw86GQiGiwZi7vlZAuSNigA

Score

N/A

Malware Config

Signatures

Files

53d1048b2ea39888ecc4658d890a221b98be37542843d0d3a94a7a8b58778cf6
.exe windows x86

04a70c9ff03aa7d566ef4f191b172709

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetPriorityClass
GetCurrentProcess
lstrcatA
GetEnvironmentVariableA
GetShortPathNameA
ExitProcess
CloseHandle
ReleaseMutex
OpenMutexA
GetTempPathA
lstrlenA
SetFilePointer
WriteFile
CreateFileA
LockResource
LoadResource
FindResourceA
GetCurrentThread
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
ReadFile
GlobalAlloc
GetFileSize
GetFileAttributesA
WaitForSingleObject
GetLastError
CreateMutexA
GetSystemDirectoryA
GlobalMemoryStatusEx
GetSystemInfo
GetSystemDefaultUILanguage
GetModuleHandleA
GetTickCount
SetThreadPriority
CreateProcessA
ResumeThread
CreateThread
lstrcmpA
lstrcpyA
CopyFileA
GetLocalTime
WinExec
GetModuleFileNameA
LoadLibraryA
GetProcAddress
Sleep
EnumResourceNamesA
GetStartupInfoA

user32

wsprintfA

advapi32

CreateServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
RegCloseKey
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyExA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

ws2_32

send
recv
WSACleanup
WSAStartup
inet_ntoa
gethostname
WSASocketA
htonl
sendto
inet_addr
gethostbyname
socket
htons
connect
closesocket
__WSAFDIsSet
select
setsockopt

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
??3@YAXPAX@Z
free
_except_handler3
strncmp
strstr
strcat
atoi
memcpy
rand
sprintf
strchr
strcpy
srand
memset
__CxxFrameHandler
_CxxThrowException
strlen
printf
realloc
malloc
strncpy
strcspn
exit

shlwapi

SHDeleteKeyA

iphlpapi

GetIfEntry
GetInterfaceInfo

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04a70c9ff03aa7d566ef4f191b172709

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

msvcrt

shlwapi

iphlpapi

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 10KB