bba3006b7c65612a706127889970659d2532546394650d5034d1cb25f36b1a0b

Sharing

Copy URL Twitter E-mail

General

Target

bba3006b7c65612a706127889970659d2532546394650d5034d1cb25f36b1a0b
Size

152KB
MD5

f5e54ff948090c845d428dd85ff31004
SHA1

575389feff3557c91669ddd30e03d694b3bd123d
SHA256

bba3006b7c65612a706127889970659d2532546394650d5034d1cb25f36b1a0b
SHA512

d4dd0cfe20ec3df172092de0bb177081e9e8000d8c4a329153e94111c5daffe756353f40b886f822a96debdb0070a5146e5beec6593ffb0a0237f5507bd926cf
SSDEEP

3072:uuz9BxgAsKo6qvVju2PIPpW80Mej9JmVk:uuJBxOKo6qtClPfZeJgk

Score

N/A

Malware Config

Signatures

Files

bba3006b7c65612a706127889970659d2532546394650d5034d1cb25f36b1a0b
.exe windows x86

560a0c217e61c592c96e90df4803d20e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

connect
WSAStartup
inet_addr
htons
WSACleanup
recv
socket
closesocket
gethostbyname
send

kernel32

MulDiv
GlobalUnlock
RtlMoveMemory
GetProcAddress
GlobalFree
LockResource
ExitProcess
GetCommandLineW
CreateMutexW
lstrcmpA
lstrlenA
lstrcpynA
HeapAlloc
HeapFree
GetModuleHandleW
VirtualFree
GetProcessHeap
SizeofResource
WideCharToMultiByte
TerminateThread
Sleep
GetVersionExW
lstrcpynW
TerminateProcess
lstrcatA
lstrcmpW
lstrlenW
GetStartupInfoW
GetLastError
VirtualAlloc
GetLocalTime
Process32FirstW
Process32NextW
lstrcatW
CreateToolhelp32Snapshot
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
lstrcpyW
CreateThread
lstrcpyA
LoadLibraryW
GlobalAlloc
FreeResource
GlobalLock
LoadResource
FreeLibrary
FindResourceW
OpenProcess

user32

ReleaseCapture
MessageBoxW
SetWindowsHookExW
CreateWindowExW
FindWindowExW
CreateDialogParamW
SetMenu
ShowWindow
LoadStringW
GetCursorPos
SetWindowPos
GetSysColor
SendDlgItemMessageW
EndDialog
SetWindowLongW
GetDlgItem
EnableMenuItem
SetClassLongW
SystemParametersInfoW
GetWindowTextW
LoadMenuW
GetAsyncKeyState
GetWindowTextA
LoadIconW
RegisterClassExW
SetFocus
GetClientRect
FindWindowW
wsprintfA
IsWindowEnabled
LoadCursorW
AttachThreadInput
TrackMouseEvent
DialogBoxParamW
SetForegroundWindow
GetSubMenu
SetCapture
TrackPopupMenu
SendDlgItemMessageA
LockSetForegroundWindow
GetWindowRect
GetWindowTextLengthW
SetCursor
DestroyWindow
MapWindowPoints
UpdateWindow
EnableWindow
SetWindowTextW
DestroyIcon
CallWindowProcW
DefWindowProcW
GetDC
ReleaseDC
GetWindowThreadProcessId
SendMessageW

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
GetTextExtentPoint32W
SetTextColor
SelectObject
GetDeviceCaps
DeleteDC
GetStockObject
TextOutW
GetObjectW
CreateFontW
SetBkColor

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW
Shell_NotifyIconW

ole32

CoUninitialize
CoInitialize
CreateStreamOnHGlobal

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

560a0c217e61c592c96e90df4803d20e

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 11KB

.tls Size: 6KB - Virtual size: 5KB

.rsrc Size: 125KB - Virtual size: 124KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 11KB

.tls
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 125KB - Virtual size: 124KB