e246000feaa91dd66070e61a04c28a5c83cdeaa76dfead2bb936eac9e0a36fae

Sharing

Copy URL Twitter E-mail

General

Target

e246000feaa91dd66070e61a04c28a5c83cdeaa76dfead2bb936eac9e0a36fae
Size

649KB
MD5

6ba18c1b50ee343eb5e45c2f1edfd274
SHA1

00b19baf160a143daa19f0ec1e76fe95252f130f
SHA256

e246000feaa91dd66070e61a04c28a5c83cdeaa76dfead2bb936eac9e0a36fae
SHA512

199844bf630ee376003c926b8c9da29b279d2d4e866835a66576ea72e11fb07c1ac54eddb7c734e30896ed7e3fb666ed7060dd6fecdf8a399d030503565b9837
SSDEEP

12288:MMMHMO9+nHzmc7nuXZ4qRGI5Z360W/EG28cK:m9smCuXZ4cDK0WQ8H

Score

N/A

Malware Config

Signatures

Files

e246000feaa91dd66070e61a04c28a5c83cdeaa76dfead2bb936eac9e0a36fae
.exe windows x86

c002d9cf9a7fc0e1c61458b3cc4b8e6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
gethostbyaddr
WSAStringToAddressA
WSAIsBlocking
WSAEnumProtocolsW
WSAEnumNameSpaceProvidersA
WSAGetQOSByName
getservbyname
WSADuplicateSocketA
WSAGetLastError

oleaut32

VariantCopy
LoadTypeLi
VariantChangeType
SetErrorInfo
SysStringLen

kernel32

EndUpdateResourceA
CreateNamedPipeW
SetErrorMode
GetVolumeInformationW
DeleteCriticalSection
SizeofResource
FormatMessageA
ExitProcess
VirtualAllocEx
GlobalAddAtomA
FreeLibraryAndExitThread
FindFirstFileExW
SetSystemTime
GetDriveTypeW
GetPrivateProfileStringW
SetFileAttributesA
GetConsoleCursorInfo
SetEndOfFile
VirtualProtect
OutputDebugStringW
GetLogicalDriveStringsA
ScrollConsoleScreenBufferA
SetThreadLocale
ReadConsoleOutputA
GetHandleInformation
EnumTimeFormatsW
SetThreadPriorityBoost
EnumCalendarInfoA
GetFileInformationByHandle
GetConsoleMode
GetCurrentDirectoryW
GetCommState

user32

PeekMessageW
TrackPopupMenuEx
CharLowerA
MonitorFromPoint
EnumDisplaySettingsW
MonitorFromWindow
WaitMessage
GetDlgItemTextW
InvertRect
GetNextDlgTabItem
LoadBitmapA
RemovePropW
GetActiveWindow
WindowFromPoint
OpenClipboard
SetMenuItemInfoA
RegisterClassA
TileWindows
IsCharLowerA
CopyImage
WinHelpA
GetMonitorInfoA
SendMessageCallbackW
ClientToScreen
IsCharUpperW
ChangeMenuA
EndPaint
WindowFromDC
CreateDialogParamA
ModifyMenuW
GetKeyboardType
CreateMDIWindowW

advapi32

RegOpenKeyW
RegCreateKeyW
CryptCreateHash
CryptGetUserKey
CloseServiceHandle
RevertToSelf
AddAccessDeniedAce
CryptDestroyKey
GetLengthSid
ImpersonateLoggedOnUser
AdjustTokenPrivileges
RegLoadKeyW
AllocateAndInitializeSid
SetSecurityDescriptorDacl
RegNotifyChangeKeyValue
OpenSCManagerW
OpenEventLogW

msvcrt

_fstat
_mbsupr
time
ftell
calloc
wcstok
_ultow

Sections

.text
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c002d9cf9a7fc0e1c61458b3cc4b8e6a

Headers

File Characteristics

Imports

ws2_32

oleaut32

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 306KB - Virtual size: 305KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 328KB - Virtual size: 328KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 306KB - Virtual size: 305KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 328KB - Virtual size: 328KB

.rsrc
Size: 10KB - Virtual size: 9KB