16bb438f6097596b1334b9f1c8a148d1ac39ea8f5eeb73670804f3b44b2a8958

Sharing

Copy URL

Twitter E-mail

General

Target

16bb438f6097596b1334b9f1c8a148d1ac39ea8f5eeb73670804f3b44b2a8958
Size

200KB
MD5

cfd6e2f49a8ff993c42025d9a3cb83d4
SHA1

0144bdf699d42edf5c26152ae65e76a1078b5e83
SHA256

16bb438f6097596b1334b9f1c8a148d1ac39ea8f5eeb73670804f3b44b2a8958
SHA512

6e5621a021644555eef080ec6ea88cba9fcd3ab9db9017a40c57d4790654b250478123c17909f56d3c8977bc4036bdb54b761cbbdbddf6717fcdd2659649a677
SSDEEP

3072:+USmpDY3TY3pUaSu5H7hmagKZgYreX9v1tNUudsBZNhbsTBft1d3mc5O:+HADYjY31SuV7M1rdabhbsTBl1d3ms

Score

N/A

Malware Config

Signatures

Files

16bb438f6097596b1334b9f1c8a148d1ac39ea8f5eeb73670804f3b44b2a8958
.exe windows x86

58aa5106e46242ddceabdf12ec2e33ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
CloseHandle
ResetEvent
SetEvent
Sleep
GetTickCount
ExitThread
CreateThread
FreeLibrary
GetCurrentProcessId
GetProcessHeap
GetCurrentThreadId
TerminateProcess
CreateProcessA
WriteFile
DeleteFileA
GetLastError
lstrlenA
GetDriveTypeA
FindClose
GetFileAttributesA
GetStartupInfoA
lstrcatA
GetWindowsDirectoryA
lstrcpyA
TerminateThread
InterlockedExchange
SetFilePointer
GetFileSize
CreateFileA
GetSystemDirectoryA
GetLocalTime
LocalFree
LocalAlloc
ReadFile
LocalSize
GlobalMemoryStatus
GetSystemInfo
GetVersionExA
CreateMutexA
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
GlobalMemoryStatusEx
lstrcmpiA
CreateToolhelp32Snapshot
Module32Next
Module32First
CreateRemoteThread
GetModuleHandleA
OpenProcess
GetDiskFreeSpaceExA
LocalReAlloc
Process32Next
Process32First
LoadLibraryW
RaiseException

msvcrt

??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
_CxxThrowException
memcpy
memmove
ceil
_ftol
strlen
strstr
memcmp
rand
strcpy
sprintf
atoi
strncpy
strcspn
malloc
srand
time
strcat
strchr
strcmp
free
_except_handler3
strrchr
exit
strncat
realloc
strncmp
_errno
wcscpy
atol
_mbsstr
_mbscmp
_beginthreadex
_snprintf
??1type_info@@UAE@XZ
__dllonexit
_onexit
_iob
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_strcmpi
_strrev
_stricmp
_strnicmp
memset
??0exception@@QAE@ABQBD@Z

urlmon

URLDownloadToFileA

msvfw32

ICSeqCompressFrameEnd
ICSeqCompressFrame
ICSeqCompressFrameStart
ICSendMessage
ICOpen
ICClose
ICCompressorFree

netapi32

NetLocalGroupAddMembers
NetUserDel
NetUserGetInfo
NetUserSetInfo
NetUserEnum
NetApiBufferFree
NetUserAdd

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58aa5106e46242ddceabdf12ec2e33ac

Headers

File Characteristics

Imports

kernel32

msvcrt

urlmon

msvfw32

netapi32

Sections

.text Size: 154KB - Virtual size: 153KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 14KB - Virtual size: 26KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 154KB - Virtual size: 153KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 14KB - Virtual size: 26KB

.rsrc
Size: 1KB - Virtual size: 1KB