9bc73370e57fb222cc5cd2245773659297d30b70c900c941e3fb40e738034a28

Sharing

Copy URL Twitter E-mail

General

Target

9bc73370e57fb222cc5cd2245773659297d30b70c900c941e3fb40e738034a28
Size

114KB
MD5

2989ab8e65be1231061024fb568d8c2f
SHA1

77bfca5481f09395e590f3a02089fe92c2b084d4
SHA256

9bc73370e57fb222cc5cd2245773659297d30b70c900c941e3fb40e738034a28
SHA512

7e3c58652e29d54172af39388df8003601e3ed166b268d25a1b14828cc18108d156edc19e2947ca3fe97d9f40e91f7619907b24c56aa114519c85416cfd1c29f
SSDEEP

3072:TE/92L0IKtxtxy+Bn9widzM4ZYe5dlORD:TE/SfYNy+Bn5AmYe5bOd

Score

N/A

Malware Config

Signatures

Files

9bc73370e57fb222cc5cd2245773659297d30b70c900c941e3fb40e738034a28
.exe windows x86

149a45f1c2a086f21637de98ddadb2a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
WaitForSingleObject
ExitProcess
SetThreadPriority
lstrlenA
CopyFileA
GetSystemDirectoryA
GlobalMemoryStatusEx
GetComputerNameA
GetSystemDefaultUILanguage
SetStdHandle
LCMapStringW
CreateProcessA
ResumeThread
GetTempPathA
LoadLibraryA
GetProcAddress
WinExec
OpenMutexA
ReleaseMutex
CloseHandle
GetLastError
GetModuleFileNameA
SetFileAttributesA
CreateThread
CreateMutexA
Sleep
LCMapStringA
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
GetTickCount
ExitThread
TerminateProcess
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapAlloc
RaiseException
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
VirtualAlloc

user32

GetDesktopWindow
wsprintfA

advapi32

CreateServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
RegCloseKey
RegOpenKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
DeleteService
RegQueryValueExA

shell32

ShellExecuteA

ws2_32

recv
setsockopt
__WSAFDIsSet
htons
socket
closesocket
select
send
WSAStartup
WSAIoctl
connect
gethostbyname
inet_addr
sendto
WSASocketA
htonl

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

149a45f1c2a086f21637de98ddadb2a2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 13KB - Virtual size: 18KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 13KB - Virtual size: 18KB

.rmnet
Size: 56KB - Virtual size: 60KB