ee943be6824ccb4110b9b8bb6542fa4e805c9e340bddf8f06fbcbef87381b6f2

Sharing

Copy URL Twitter E-mail

General

Target

ee943be6824ccb4110b9b8bb6542fa4e805c9e340bddf8f06fbcbef87381b6f2
Size

108KB
MD5

6407d7f9a291bdc11019c5b2e5a03bda
SHA1

8659fe2001dd39294aef7ef9a6b5b0bc60004217
SHA256

ee943be6824ccb4110b9b8bb6542fa4e805c9e340bddf8f06fbcbef87381b6f2
SHA512

578dcbfe667eb495a94411181f03e3c1e2e8d0e94c841d09535e6d6da0675b50bf32db2988c55c7f227f0832d28aa72b3bd9f3cc10c002d20f2f1fcd8a93a0bf
SSDEEP

3072:lVwi/erT0jPlEIwwnpRM5D1ouqSdL5LWHsH:lVwi/erop5wwnpaDhZdL5LO

Score

N/A

Malware Config

Signatures

Files

ee943be6824ccb4110b9b8bb6542fa4e805c9e340bddf8f06fbcbef87381b6f2
.exe windows x86

d947623612a3d7773633c5cfaf33b86c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CloseHandle
CreateProcessA
DuplicateHandle
GetCurrentProcess
ExitThread
Sleep
ReadFile
PeekNamedPipe
WriteFile
CreatePipe
DisconnectNamedPipe
TerminateProcess
WaitForMultipleObjects
TerminateThread
CreateThread
GetStdHandle
FreeConsole
WriteConsoleA
CreateFileA
GetNumberOfConsoleInputEvents
PeekConsoleInputA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
GetStringTypeW
GetStringTypeA
SetFilePointer
SetStdHandle
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
MultiByteToWideChar
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapFree
HeapAlloc
ExitProcess
Beep
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
WideCharToMultiByte
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
FlushFileBuffers
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
SetEndOfFile

wsock32

__WSAFDIsSet
select
listen
getsockname
recvfrom
accept
WSASetLastError
socket
setsockopt
bind
connect
htons
getservbyport
ntohs
getservbyname
ioctlsocket
gethostbyname
inet_addr
gethostbyaddr
WSAGetLastError
WSAStartup
WSACleanup
closesocket
recv
send

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

orndhwc
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d947623612a3d7773633c5cfaf33b86c

Headers

File Characteristics

Imports

kernel32

wsock32

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 13KB

.idata Size: 32KB - Virtual size: 32KB

orndhwc Size: - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 13KB

.idata
Size: 32KB - Virtual size: 32KB

orndhwc
Size: - Virtual size: 4KB