cdc8ab94ef6ed91fe407fc0a70897f94d138aa32cc2276e6e565a7c161a500c2

Sharing

Copy URL Twitter E-mail

General

Target

cdc8ab94ef6ed91fe407fc0a70897f94d138aa32cc2276e6e565a7c161a500c2
Size

156KB
MD5

c91ed320f01bb2b9f2e340eff1fe536c
SHA1

b8b8818a4797deaf5a5d4ccebd75d89872de6687
SHA256

cdc8ab94ef6ed91fe407fc0a70897f94d138aa32cc2276e6e565a7c161a500c2
SHA512

cbfcebd4b9c51317b6fece85afc3c5f978e5f4f1142cd786d940eadde915929d638c62babe1783fa75cf72089859a0c497a374fa74dc5e6eebdd55369e3910d6
SSDEEP

3072:EBKYpyDgOmr1rHhO9WkOlrmqF63pHtefXuvT9a0mqF63pHtefXuvT9a:HVmrxhOJmmqFspHtefXurvmqFspHtefS

Score

N/A

Malware Config

Signatures

Files

cdc8ab94ef6ed91fe407fc0a70897f94d138aa32cc2276e6e565a7c161a500c2
.exe windows x86

c9b89b537b9cf11eabdd01dcc3ce239a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadPriority
CreateThread
WaitForSingleObject
CloseHandle
TerminateThread
InitializeCriticalSection
GlobalMemoryStatusEx
GetVersionExA
Module32Next
Module32First
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
Process32Next
Process32First
OpenEventA
GetLastError
CreateEventA
SetEvent
ResetEvent
CopyFileA
GetCurrentProcessId
GetWindowsDirectoryA
ResumeThread
InterlockedExchange
GetFileAttributesA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
ReadFile
SetEndOfFile
GetOEMCP
GetACP
GetCommandLineA
ExitProcess
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
WinExec
DeleteFileA
ExitThread
GetCurrentDirectoryA
GetModuleFileNameA
Sleep
lstrlenA
GetCPInfo
CreateFileA
FlushFileBuffers
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
HeapReAlloc
GetStartupInfoA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
DeleteCriticalSection
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
WriteFile
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle

ws2_32

htonl
htons
select
__WSAFDIsSet
getsockopt
gethostbyname
getsockname
closesocket
WSACleanup
WSAStartup
inet_addr
setsockopt
socket
connect
send
recv
ntohl
ntohs
sendto

advapi32

RegisterServiceCtrlHandlerA
CreateServiceA
RegOpenKeyA
StartServiceCtrlDispatcherA
SetServiceStatus
ControlService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
StartServiceA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteExA

iphlpapi

GetIfTable
GetAdaptersInfo

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c9b89b537b9cf11eabdd01dcc3ce239a

Headers

File Characteristics

Imports

kernel32

ws2_32

advapi32

shell32

iphlpapi

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 92KB - Virtual size: 94KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 92KB - Virtual size: 94KB