38b82640ee5ebd824eddb808047d925b9f1cf0367ce6fce3b74c0e522795ea9a

Sharing

Copy URL Twitter E-mail

General

Target

38b82640ee5ebd824eddb808047d925b9f1cf0367ce6fce3b74c0e522795ea9a
Size

200KB
MD5

2d39cfaa1b67e321d164275471cf3a65
SHA1

4c702110b6233be1ebf15768f9aad6f0bd4f7388
SHA256

38b82640ee5ebd824eddb808047d925b9f1cf0367ce6fce3b74c0e522795ea9a
SHA512

898972e8baefbbd6c837ece6e36228d7cf330fffe3717dd3ffe8346c344f77f064f327f07a0df0c43803aec970c1bde2d3513d82f5fd9ed6203de81553f9dc33
SSDEEP

3072:v9EsajJr6awJ/q6wlEwqF0q6kfQMHNE+nAW95/yl:v9EsalGng6Sqmqnfhfyl

Score

N/A

Malware Config

Signatures

Files

38b82640ee5ebd824eddb808047d925b9f1cf0367ce6fce3b74c0e522795ea9a
.exe windows x86

04d883093c57b548c2706560eef9163f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCurrentProcess
LocalFree
FormatMessageA
ExitProcess
CreateMutexA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
ReadFile
GetFileAttributesA
DeleteFileA
GetFileSize
Process32First
CreateToolhelp32Snapshot
CopyFileA
GetModuleFileNameA
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
CreateFileMappingA
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
GetSystemDirectoryA
lstrcmpiA
FreeResource
TerminateThread
CreateProcessA
WaitForSingleObject
FindResourceA
SizeofResource
LoadResource
GlobalAlloc
LockResource
HeapAlloc
GlobalFree
WriteFile
lstrlenA
GetTempPathA
WinExec
lstrcpyA
GetSystemInfo
CreateThread
CloseHandle
CreateFileA
Sleep
DeviceIoControl
GetTickCount
lstrcatA
LoadLibraryA
GetProcAddress
Process32Next
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
HeapReAlloc
VirtualAlloc
SetFilePointer
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
RtlUnwind
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
SetHandleCount
GetStdHandle
LCMapStringW

user32

PostMessageA
FindWindowA
FindWindowExA
wsprintfA

advapi32

RegSetValueExA
CreateServiceA
StartServiceA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegFlushKey
RegCreateKeyA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ws2_32

WSAGetLastError
setsockopt
gethostname
sendto
WSACleanup
WSAStartup
WSASocketA
socket
htons
connect
closesocket
inet_addr
gethostbyname
send
WSAIoctl
recv
__WSAFDIsSet
select
htonl

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04d883093c57b548c2706560eef9163f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 140KB - Virtual size: 136KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 140KB - Virtual size: 136KB