25da9b054b8d638433f753c47ab222fef0dc5c42e0fc664c0296756c29812eac

Sharing

Copy URL Twitter E-mail

General

Target

25da9b054b8d638433f753c47ab222fef0dc5c42e0fc664c0296756c29812eac
Size

399KB
MD5

a054bf51a9358ca92d06d9b6509233b8
SHA1

c10b86d92672390e8650d4fdd918dbdc92f94841
SHA256

25da9b054b8d638433f753c47ab222fef0dc5c42e0fc664c0296756c29812eac
SHA512

5c706d26de4e59367cd61be52866aae490a2f216df9cd0b97e4942dbc94cdcf0442a52f33649df0e3ce21f3be0e726438c947c697b852439f8dc09aeadd5a47d
SSDEEP

12288:4aOgnPWJzw8DBdpFV+PwrWGv9sNBKrP3u0:4C07OwrWau0

Score

N/A

Malware Config

Signatures

Files

25da9b054b8d638433f753c47ab222fef0dc5c42e0fc664c0296756c29812eac
.exe windows x86

af345d5f1d0370687ec532bb9caf3a44

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
CreateNamedPipeA
SetCurrentDirectoryA
DisconnectNamedPipe
ConnectNamedPipe
CloseHandle
VerifyVersionInfoW
GetCurrentProcess
VerSetConditionMask
LoadLibraryA
GetProcAddress
CreateEventA
SetEvent
WaitForSingleObject
GetProcessHeap
GetTickCount
HeapFree
GetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
FindClose
GetModuleHandleA
SwitchToThread
InterlockedIncrement
ExpandEnvironmentStringsA
WaitForSingleObjectEx
FormatMessageA
SleepEx
InitializeCriticalSectionEx
GetTickCount64
VerifyVersionInfoA
SetEnvironmentVariableA
SetEndOfFile
CreateFileW
HeapAlloc
GetModuleFileNameA
GetLastError
Sleep
GetFileAttributesA
OutputDebugStringW
FlushFileBuffers
WriteConsoleW
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeW
IsDebuggerPresent
IsProcessorFeaturePresent
ReadFile
GetSystemTimeAsFileTime
CreateThread
GetCurrentThreadId
ExitThread
LoadLibraryExW
GetCommandLineA
RaiseException
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapSize
IsValidCodePage
GetACP
GetOEMCP
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
GetStdHandle
GetFileType
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
GetTimeZoneInformation
SetStdHandle

advapi32

RegisterEventSourceA
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
SetServiceStatus
ReportEventA
DeregisterEventSource
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
CryptDestroyHash
ControlService
QueryServiceStatusEx
StartServiceA
EnumDependentServicesA
OpenSCManagerW
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
DeleteService
CloseServiceHandle
OpenServiceA

ws2_32

ioctlsocket
freeaddrinfo
getaddrinfo
WSAIoctl
socket
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
WSASetLastError
select
__WSAFDIsSet
WSAGetLastError
WSACleanup
WSAStartup

Sections

.text
Size: 310KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af345d5f1d0370687ec532bb9caf3a44

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ws2_32

Sections

.text Size: 310KB - Virtual size: 309KB

.rdata Size: 65KB - Virtual size: 65KB

.data Size: 7KB - Virtual size: 15KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 310KB - Virtual size: 309KB

.rdata
Size: 65KB - Virtual size: 65KB

.data
Size: 7KB - Virtual size: 15KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 15KB - Virtual size: 14KB