8dfbdeb0306ad0a9d6be7d9f18651736c9b4636ba02f92b9c0df02ac045908d9

Sharing

Copy URL Twitter E-mail

General

Target

8dfbdeb0306ad0a9d6be7d9f18651736c9b4636ba02f92b9c0df02ac045908d9
Size

76KB
MD5

2ff328028f33532612426ff8ffcd4daf
SHA1

e888a5db585937306697f598f6a6459783c02488
SHA256

8dfbdeb0306ad0a9d6be7d9f18651736c9b4636ba02f92b9c0df02ac045908d9
SHA512

43e07ec8e8c0692921044e51bd2147d7fea4c01ff322bab93e870556960f6f0ef689ca99c128e5d65cae6e06debbdaec5d33f9876fa28d1e214e43e835cea597
SSDEEP

1536:HKqdrDqGkaUhTRNRTTqtQDZTGOHvwfc/bOSttzv+:HJrDqGYlPqiPwU/Pttzv

Score

N/A

Malware Config

Signatures

Files

8dfbdeb0306ad0a9d6be7d9f18651736c9b4636ba02f92b9c0df02ac045908d9
.exe windows x86

de01b88a867f1d7263328a981baa7c5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
OutputDebugStringA
CloseHandle
WaitForSingleObject
GetLastError
CreateMutexA
GetModuleHandleA
GetSystemInfo
CreateThread
GetSystemDefaultUILanguage
lstrlenA
MultiByteToWideChar
WinExec
FreeLibrary
GetCurrentProcessId
CreateProcessA
TerminateProcess
ExitThread
GetModuleFileNameA
GetTickCount
MoveFileA
lstrcatA
LoadLibraryA
GetProcAddress
Sleep
HeapAlloc
GetVersionExA
HeapFree
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
InterlockedIncrement
InterlockedDecrement
SetFilePointer
IsBadCodePtr
IsBadReadPtr
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
RaiseException
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetCurrentProcess
VirtualFree
VirtualAlloc
IsBadWritePtr
GetEnvironmentVariableA
HeapDestroy
HeapCreate

user32

wsprintfA
RegisterClassA
LoadIconA
LoadCursorA

gdi32

GetStockObject

advapi32

RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

shell32

SHGetSpecialFolderPathA

ws2_32

shutdown
WSAStartup
WSAGetLastError
htonl
recv
setsockopt
WSASocketA
send
socket
htons
connect
closesocket
inet_addr
gethostbyname
__WSAFDIsSet
select
WSAIoctl
WSACleanup
sendto

netapi32

NetUserAdd
NetLocalGroupAddMembers

iphlpapi

GetIfTable

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de01b88a867f1d7263328a981baa7c5b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ws2_32

netapi32

iphlpapi

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 1KB