932f2aafba3477352b134e4be98564d6924fe8259982ecb1cfd9a8d794d8768f

Sharing

Copy URL Twitter E-mail

General

Target

932f2aafba3477352b134e4be98564d6924fe8259982ecb1cfd9a8d794d8768f
Size

136KB
MD5

93181ec7a8158be99a237e1936224b7e
SHA1

38ec8b797a685b0e5b47c183fa5286f680dcd28b
SHA256

932f2aafba3477352b134e4be98564d6924fe8259982ecb1cfd9a8d794d8768f
SHA512

e605b51daaca78e5ba81eb63fc5f7177d1f21cd472e86e8a59f6ad40fc1a2854e3536edc35ca8a1013821a288adfdd1c310f6970698162b60e7531acff84f931
SSDEEP

3072:2i8LdwLB0MAYboqp4nLyGKqdgYYqR8Ugl:tsdw6Mloqp4Ly9agZqiU2

Score

N/A

Malware Config

Signatures

Files

932f2aafba3477352b134e4be98564d6924fe8259982ecb1cfd9a8d794d8768f
.exe windows x86

35871a96977d4002de492fba34a74587

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_ntoa
WSAConnect
WSAGetLastError
WSAAsyncGetHostByName
WSAStartup
WSACancelAsyncRequest
htons
send
recv
WSAAsyncSelect
closesocket
socket
WSACleanup

shell32

ShellExecuteW
SHGetSpecialFolderPathW

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyW

user32

GetWindowTextLengthW
GetWindowTextW
UnhookWinEvent
SetTimer
KillTimer
GetMessageA
TranslateMessage
DispatchMessageA
GetForegroundWindow
OpenClipboard
GetClipboardData
CloseClipboard
LoadIconA
RegisterClassExW
CreateWindowExW
DefWindowProcA
PostMessageA
DestroyWindow
UnregisterClassW
GetKeyboardLayoutNameA
SetWindowsHookExA
CallNextHookEx
GetKeyState
SetKeyboardState
UnhookWindowsHookEx
SetWinEventHook
LoadCursorA

kernel32

QueryPerformanceCounter
HeapCreate
GetFileType
GetTickCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
IsValidCodePage
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetHandleCount
WriteFile
GetOEMCP
GetACP
GetCPInfo
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetStdHandle
HeapSize
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsProcessorFeaturePresent
HeapFree
GetLastError
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetSystemDirectoryA
FreeLibrary
SetProcessWorkingSetSize
GetCurrentProcess
CopyFileW
CreateDirectoryW
DeleteFileW
CloseHandle
CreateFileW
GetSystemTime
CreateThread
GlobalUnlock
GlobalLock
ReadFile
GetFileSize
SetCurrentDirectoryW
GetModuleFileNameW
LockResource
LoadResource
SizeofResource
FindResourceA
RaiseException
RtlUnwind
EncodePointer
DecodePointer
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc

Exports

Exports

_FtpCreateDirectoryA@8
_FtpPutFileA@20
_FtpSetCurrentDirectoryA@8
_InternetCloseHandle@4
_InternetConnectA@32
_InternetOpenA@20

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35871a96977d4002de492fba34a74587

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

shell32

advapi32

user32

kernel32

Exports

Exports

Sections

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 9KB - Virtual size: 8KB