296663f9bfb2280065afdec65a9d381bd10c9458ab2198cd8a9bcf6265c35b17

Sharing

Copy URL Twitter E-mail

General

Target

296663f9bfb2280065afdec65a9d381bd10c9458ab2198cd8a9bcf6265c35b17
Size

108KB
MD5

ccf2a36a5caaeb5ca4f2504073aa578a
SHA1

7a74e732274ea589af682f99b0266a210eb9f515
SHA256

296663f9bfb2280065afdec65a9d381bd10c9458ab2198cd8a9bcf6265c35b17
SHA512

eabc08ab93a9feefd0a5b8626bef1d7d743b631b36f8a825e3e436b48b383ce1ae9024bf3d3d5550958808c3e9b6fc4574e7b58f096a23f668dd5b9de132ab69
SSDEEP

1536:4NQlBDB6NRFAufl+BcHpFkfdqeU/ACtfz7BHpc:0EtMNvAIoBMpIdqeEAOfz7BJ

Score

N/A

Malware Config

Signatures

Files

296663f9bfb2280065afdec65a9d381bd10c9458ab2198cd8a9bcf6265c35b17
.exe windows x86

842d6e2c29a33a7c62251b7814e13fdb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_onexit
__dllonexit
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_CxxThrowException
??3@YAXPAX@Z
memmove
_ftol
memcpy
memset
??2@YAPAXI@Z
memcmp
malloc
strrchr
strlen
exit
realloc
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
calloc
strncmp
fopen
fclose
strstr
rand
atoi
atol
strcpy
strcat
_except_handler3
free
__CxxFrameHandler

kernel32

GetStartupInfoA
GetModuleHandleA
CreateToolhelp32Snapshot
Process32First
Process32Next
lstrcmpiA
GetCurrentThreadId
GetSystemTime
InitializeCriticalSection
Sleep
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
CreateEventA
ResetEvent
WaitForSingleObject
SetEvent
InterlockedExchange
CancelIo
CloseHandle
WriteFile
SetFilePointer
CreateFileA
GetFileSize
ReadFile
GetProcAddress
LoadLibraryA
GetFileAttributesA
CreateProcessA
lstrcpyA
lstrlenA
TerminateThread
CreateThread
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
DeleteFileA
SetFileAttributesA
MoveFileExA
MoveFileA
GetTickCount
GetTempPathA
GetLastError
HeapAlloc
GetProcessHeap
VirtualProtect
IsBadReadPtr
HeapFree
FreeLibrary
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExA
OpenEventA
CreateMutexA
FindClose
FindFirstFileA
WinExec
CopyFileA

user32

GetThreadDesktop
GetUserObjectInformationA
SetThreadDesktop
CloseDesktop
OpenInputDesktop
PostThreadMessageA
GetMessageA
ExitWindowsEx
wsprintfA
OpenDesktopA
GetInputState
MessageBoxA

advapi32

RegQueryValueExA
RegQueryValueA
CreateServiceA
LockServiceDatabase
ChangeServiceConfig2A
UnlockServiceDatabase
StartServiceA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegEnumKeyExA
RegEnumValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenServiceA
DeleteService
RegCreateKeyA
RegSetValueExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA

ws2_32

socket
recv
select
closesocket
gethostbyname
WSACleanup
gethostname
getsockname
htons
WSAIoctl
send
setsockopt
WSAStartup
connect

wininet

InternetOpenUrlA
InternetCloseHandle
InternetOpenA

avicap32

capGetDriverDescriptionA

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

842d6e2c29a33a7c62251b7814e13fdb

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

ws2_32

wininet

avicap32

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 16KB - Virtual size: 14KB