6c097920d97a6a34da1165b5b7d0d55a462f49d381a1f4f741d74d8d1ad0d9d9

Sharing

Copy URL

Twitter E-mail

General

Target

6c097920d97a6a34da1165b5b7d0d55a462f49d381a1f4f741d74d8d1ad0d9d9
Size

117KB
MD5

1c9b6be5d329acccb132eb8c471b5a2f
SHA1

2f5c64ad12ec447cf1f19d89e576e5dce9919216
SHA256

6c097920d97a6a34da1165b5b7d0d55a462f49d381a1f4f741d74d8d1ad0d9d9
SHA512

834859dd325532f72c8668605089c7b8d8f59486bf0f6be98f362fd2d0f0a3a2d2cf5b6927ac2d679a07e01ab9c4a29a0a6f296b0fc7281dc33a045f3a07ac49
SSDEEP

1536:37RdhYOD+b+HDp9Y9ohF+2Vtj25W4ZV1qJ5r5NZLNWg4:37RdhYODkUd+Og5W4ZnqJpTBNWj

Score

N/A

Malware Config

Signatures

Files

6c097920d97a6a34da1165b5b7d0d55a462f49d381a1f4f741d74d8d1ad0d9d9
.exe windows x86

3375de67112495c89fd2e980c207ff30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

__WSAFDIsSet
socket
setsockopt
htons
bind
closesocket
recvfrom
getsockname
ntohs
WSACleanup
inet_ntoa
sendto
inet_addr
listen
accept
WSAStartup
select
recv
send
getpeername
connect
htonl
gethostname
gethostbyname

kernel32

InitializeCriticalSection
DeleteCriticalSection
CreateMutexA
ReleaseMutex
GetLogicalDriveStringsA
Sleep
CreateThread
TerminateThread
GlobalAlloc
RtlZeroMemory
RtlMoveMemory
GlobalFree
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
EnterCriticalSection
IsBadReadPtr
MultiByteToWideChar
WideCharToMultiByte
GetUserDefaultLCID
LeaveCriticalSection
GetTickCount
CreateFileA
GetFileSize
ReadFile
CreateDirectoryA
FindNextFileA
FindFirstFileA
FindClose
CopyFileA
WriteFile
SetFilePointer
GetCommandLineA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
LCMapStringA
HeapFree

user32

PeekMessageA
wsprintfA
MessageBoxA
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer

dnsapi

DnsFlushResolverCache

shlwapi

PathFileExistsA

shell32

SHGetSpecialFolderPathA

mpr

WNetGetUserA

wininet

InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetSetCookieA
InternetOpenA

msvcrt

__dllonexit
_onexit
__CxxFrameHandler
memmove
modf
_strnicmp
_ftol
_CIpow
toupper
atoi
strtod
tolower
malloc
realloc
free
rand
sprintf
??3@YAXPAX@Z
strrchr
??2@YAPAXI@Z
_stricmp
strncpy
strchr
strncmp
srand

advapi32

RegOpenKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

ole32

CoUninitialize
OleRun
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoInitialize

oleaut32

SafeArrayGetElemsize
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
VariantChangeType
VariantInit
SafeArrayUnaccessData

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3375de67112495c89fd2e980c207ff30

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

dnsapi

shlwapi

shell32

mpr

wininet

msvcrt

advapi32

ole32

oleaut32

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 17KB - Virtual size: 66KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 1024B - Virtual size: 868B

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 17KB - Virtual size: 66KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 1024B - Virtual size: 868B