ddb3a371b0e16c281661b3f031341c631625a7a6f5d5e0413dde85f8b5a9ea1b

Sharing

Copy URL

Twitter E-mail

General

Target

ddb3a371b0e16c281661b3f031341c631625a7a6f5d5e0413dde85f8b5a9ea1b
Size

64KB
MD5

e8d2bab337ad77877c6f31423f012a4a
SHA1

ea4d97309fdebe90e5f357ea27faa702b1e9b970
SHA256

ddb3a371b0e16c281661b3f031341c631625a7a6f5d5e0413dde85f8b5a9ea1b
SHA512

3bf2d43054fcd153dbdfeba18f6b103413ad6994a98f401b11b19a74398d33b219dc484abcfbdc0beaad267232a8b9467ceedb0c82e87370f0583f85ef11afa8
SSDEEP

768:4zl5WGKc0zTASHJw7gRWdIvMyLhr8rjvBk0XhjuxYlYn2/EDdfiXn+ha+3S/Grg:4BXKc8nKPAfhWjpk6jMYoknKS/G

Score

N/A

Malware Config

Signatures

Files

ddb3a371b0e16c281661b3f031341c631625a7a6f5d5e0413dde85f8b5a9ea1b
.exe windows x86

36118428c8ac89d167aa7b8812d90376

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

ws2_32

gethostbyname
recv
send
htons
connect
closesocket
socket
WSAGetLastError
WSAStartup

kernel32

SetStdHandle
LoadLibraryW
GetModuleFileNameA
CloseHandle
GetLastError
CreateEventW
GlobalAlloc
GlobalFree
GetModuleHandleA
SetLastError
GetProcAddress
WriteConsoleW
HeapAlloc
CreateThread
Sleep
GetStringTypeW
MultiByteToWideChar
LCMapStringW
HeapSize
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
ExitProcess
CreateFileW
HeapFree
HeapReAlloc
WideCharToMultiByte
DecodePointer
EncodePointer
RtlUnwind
RaiseException
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetCurrentThreadId
WriteFile
GetStdHandle
GetModuleFileNameW
FlushFileBuffers

user32

LoadIconA
LoadCursorA
RegisterClassExA
RegisterHotKey
GetClientRect
GetDlgItem
SetWindowPos
PostQuitMessage
CreateWindowExA
MessageBoxA
DefWindowProcA
GetWindowTextLengthA
DestroyWindow
SendMessageA
GetMessageA
DispatchMessageA
TranslateMessage
ShowWindow
UpdateWindow

gdi32

GetStockObject

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36118428c8ac89d167aa7b8812d90376

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

ws2_32

kernel32

user32

gdi32

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 1024B - Virtual size: 696B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1024B - Virtual size: 696B

.reloc
Size: 6KB - Virtual size: 5KB