061e10f4bed256ad70615c71e3d2384abba96651c8ab0254af334481b333667b

Sharing

Copy URL Twitter E-mail

General

Target

061e10f4bed256ad70615c71e3d2384abba96651c8ab0254af334481b333667b
Size

732KB
MD5

7b54625f6b2338ad4c2cb8759b48c234
SHA1

a45aa2386300fa87346970130a2177bfcdf07888
SHA256

061e10f4bed256ad70615c71e3d2384abba96651c8ab0254af334481b333667b
SHA512

e1e60f068fc7309d11a368044bb73084c93b399f5dad8772850ac2ad597c52df4bdb87fa78ed4678b2de840b35f684834bc53c8087d71eca518566ba2a80df4a
SSDEEP

12288:wfUdh0fMP8fRAOHhoPNZfGggqQcL590Fhl4IirNMp35LhbdrTj3/VUD:W2LEJAOHhoPNZ+ggVcLnOn4IirKp/bdg

Score

N/A

Malware Config

Signatures

Files

061e10f4bed256ad70615c71e3d2384abba96651c8ab0254af334481b333667b
.exe windows x86

8bda5ba250cb41c2734e430e1c3f9708

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleHandleW
lstrlenW
MultiByteToWideChar
CreateDirectoryW
GetPrivateProfileStringW
CompareStringW
GetThreadLocale
CompareStringA
WideCharToMultiByte
GetFileAttributesW
FindClose
FindNextFileW
DeleteFileW
SetFileAttributesW
lstrcpyW
FindFirstFileW
GetLastError
RemoveDirectoryW
lstrcmpiW
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcess
OutputDebugStringW
OutputDebugStringA
SetFilePointerEx
WaitForSingleObjectEx
WaitForSingleObject
WriteFile
UnmapViewOfFile
UnlockFileEx
UnlockFile
SystemTimeToFileTime
Sleep
SetFilePointer
SetEndOfFile
ReadFile
QueryPerformanceCounter
MapViewOfFile
LockFileEx
LockFile
LocalFree
LoadLibraryA
HeapValidate
HeapSize
HeapReAlloc
HeapAlloc
HeapCreate
GetVersionExA
GetTickCount
GetTempPathA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetFullPathNameW
GetFullPathNameA
GetFileSize
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetCurrentProcessId
FormatMessageW
FormatMessageA
FlushFileBuffers
DeleteFileA
CreateMutexW
CreateFileMappingW
CreateFileW
CreateFileA
AreFileApisANSI
DeleteCriticalSection
InterlockedCompareExchange
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LocalFileTimeToFileTime
GetCurrentDirectoryW
SetFileTime
GetLocaleInfoW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
SetEnvironmentVariableA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapFree
TerminateProcess
OpenProcess
CloseHandle
SetLastError
HeapDestroy
GetTempPathW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
SetHandleCount
GetOEMCP
GetACP
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
VirtualAlloc
VirtualFree
GetConsoleMode
GetConsoleCP
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoA
GetCommandLineA
ExitProcess
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
RaiseException
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW

user32

wsprintfA
CharLowerBuffW
MessageBoxA
RegisterClassExW
wsprintfW
SetTimer
SendMessageW
KillTimer
PostQuitMessage
GetMessageW
DefWindowProcW
DispatchMessageW
TranslateMessage
CreateWindowExA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW

ole32

CoCreateGuid
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
StringFromGUID2
StringFromCLSID

oleaut32

SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString

psapi

GetModuleFileNameExW
EnumProcesses
EnumProcessModules

ws2_32

WSACleanup
closesocket
recv
send
connect
htons
gethostbyname
socket
WSAStartup

Sections

.text
Size: 608KB - Virtual size: 605KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8bda5ba250cb41c2734e430e1c3f9708

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

psapi

ws2_32

Sections

.text Size: 608KB - Virtual size: 605KB

.rdata Size: 96KB - Virtual size: 92KB

.data Size: 16KB - Virtual size: 24KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 608KB - Virtual size: 605KB

.rdata
Size: 96KB - Virtual size: 92KB

.data
Size: 16KB - Virtual size: 24KB

.rsrc
Size: 8KB - Virtual size: 6KB