ef5951c73ab3479254f3de86bd033a27e30db56c66a8ea82c91e1c6642b4fc37

Sharing

Copy URL

Twitter E-mail

General

Target

ef5951c73ab3479254f3de86bd033a27e30db56c66a8ea82c91e1c6642b4fc37
Size

76KB
MD5

ff402909abde0162903443f1e91bf1e1
SHA1

3ad7bc525878e6bde73d1f549e54767452195b9d
SHA256

ef5951c73ab3479254f3de86bd033a27e30db56c66a8ea82c91e1c6642b4fc37
SHA512

0c3502a5999e73c5e1105d9923a1cc426226cf6bb330f80a45e081ffaec7355e20800e0074288a18c091f05ee24748b6aeb03dfb1a16b4fe0a0910d9182145e6
SSDEEP

1536:tKqdrDqGkaUhTRNRTTqtQDZTGOHvwfc/bOSttz3+:tJrDqGYlPqiPwU/Pttz3

Score

N/A

Malware Config

Signatures

Files

ef5951c73ab3479254f3de86bd033a27e30db56c66a8ea82c91e1c6642b4fc37
.exe windows x86

de01b88a867f1d7263328a981baa7c5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
OutputDebugStringA
CloseHandle
WaitForSingleObject
GetLastError
CreateMutexA
GetModuleHandleA
GetSystemInfo
CreateThread
GetSystemDefaultUILanguage
lstrlenA
MultiByteToWideChar
WinExec
FreeLibrary
GetCurrentProcessId
CreateProcessA
TerminateProcess
ExitThread
GetModuleFileNameA
GetTickCount
MoveFileA
lstrcatA
LoadLibraryA
GetProcAddress
Sleep
HeapAlloc
GetVersionExA
HeapFree
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
InterlockedIncrement
InterlockedDecrement
SetFilePointer
IsBadCodePtr
IsBadReadPtr
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
RaiseException
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetCurrentProcess
VirtualFree
VirtualAlloc
IsBadWritePtr
GetEnvironmentVariableA
HeapDestroy
HeapCreate

user32

wsprintfA
RegisterClassA
LoadIconA
LoadCursorA

gdi32

GetStockObject

advapi32

RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

shell32

SHGetSpecialFolderPathA

ws2_32

shutdown
WSAStartup
WSAGetLastError
htonl
recv
setsockopt
WSASocketA
send
socket
htons
connect
closesocket
inet_addr
gethostbyname
__WSAFDIsSet
select
WSAIoctl
WSACleanup
sendto

netapi32

NetUserAdd
NetLocalGroupAddMembers

iphlpapi

GetIfTable

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de01b88a867f1d7263328a981baa7c5b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ws2_32

netapi32

iphlpapi

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 1KB