f8d8ffe3d14b6daa2d959b0c675d8974a5ee73e0d23169af34d4cb9ec34cb5d2

Sharing

Copy URL Twitter E-mail

General

Target

f8d8ffe3d14b6daa2d959b0c675d8974a5ee73e0d23169af34d4cb9ec34cb5d2
Size

74KB
MD5

a7817f07c33970ad76e7a2a969590e72
SHA1

d6d41a01c8bff1217262fa3ab840b12472803a0d
SHA256

f8d8ffe3d14b6daa2d959b0c675d8974a5ee73e0d23169af34d4cb9ec34cb5d2
SHA512

7ea95d1982e8ad893123c2dce181fc1d3030cbffcf125ea01c542dd54cd48b3c73f7b0ec1a5e158e8fd34a1e83ac60aef9357cb310b4146e2b32a8317114cfe5
SSDEEP

1536:QYLySMxX22Z1Hk2/h6QkM49cA10bhqSew/Lhni/VUM:R14X20bZaF9cA1KqXg0qM

Score

N/A

Malware Config

Signatures

Files

f8d8ffe3d14b6daa2d959b0c675d8974a5ee73e0d23169af34d4cb9ec34cb5d2
.exe windows x86

dd0f3d48a590bb465483412982191e3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_strnicmp
strncmp
strncpy
_strdup
free
_stricmp
atof
_isnan
sprintf
memmove
strcmp
strlen
strcpy
strcat
memcpy
_CIatan
_CIpow
localtime
mktime
gmtime

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
WinExec
GetLogicalDrives
GetVolumeInformationA
GetDriveTypeA
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
OpenProcess
GetSystemDefaultLCID
GetLocaleInfoA
GetComputerNameA
GlobalMemoryStatus
Sleep
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
CreateThread
GetModuleFileNameA
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
HeapAlloc
CreateProcessA
HeapFree
GetCommandLineA
PeekNamedPipe
ReadFile
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetTickCount
TlsGetValue
FreeLibrary
LoadLibraryA
GetProcAddress
GetTempPathA
CreateDirectoryA
SetFileAttributesA
FindFirstFileA
FindClose
GetFileAttributesA
DeleteFileA
CopyFileA
GetLastError
FindNextFileA
WriteFile
CreateFileA
GetFileSize
SetFilePointer
HeapReAlloc
GetLocalTime
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
WaitForMultipleObjects
GetCurrentThread
CreateSemaphoreA
ReleaseSemaphore

user32

EnumWindows
GetWindowTextA
GetSystemMetrics
CharLowerA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
SetServiceStatus
StartServiceCtrlDispatcherA
OpenSCManagerA
OpenServiceA
DeleteService
CloseServiceHandle
CreateServiceA
ChangeServiceConfig2A
RegisterServiceCtrlHandlerA
StartServiceA
ControlService
QueryServiceStatus

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteExA

wsock32

WSAStartup
socket
connect
send
recv
WSACleanup
gethostbyname
inet_ntoa
inet_addr
closesocket

winmm

timeBeginPeriod
timeEndPeriod

iphlpapi

SendARP

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree

Sections

.code
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 181B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dd0f3d48a590bb465483412982191e3b

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

wsock32

winmm

iphlpapi

ole32

Sections

.code Size: 41KB - Virtual size: 40KB

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 512B - Virtual size: 181B

.data Size: 13KB - Virtual size: 13KB

.code
Size: 41KB - Virtual size: 40KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 512B - Virtual size: 181B

.data
Size: 13KB - Virtual size: 13KB