c1ea64f953a5a905293f2844f23cd1399773a9c7b3e87a2894b5eb2a1f16c6ba

General

Target

c1ea64f953a5a905293f2844f23cd1399773a9c7b3e87a2894b5eb2a1f16c6ba
Size

672KB
MD5

64b5dd9e616c11ee8941f0433d411700
SHA1

37a28977531f4c932abf13d816a88c472414f92b
SHA256

c1ea64f953a5a905293f2844f23cd1399773a9c7b3e87a2894b5eb2a1f16c6ba
SHA512

eae879c9375ffacb75354abc64005faa998a7d5871128b02638ae96a05185605f46385ed3199532505c411108b890c85fda3642d030afb0a20ff9c80f1831e81
SSDEEP

6144:MpqI9Qy/PffOuv/fHfigYhgkwrB//lvUgX218hIVWdASvDMYgoGN9qz5:MT+uPflhYDC5lv061AYIFN9qN

Score

N/A

Malware Config

Signatures

Files

c1ea64f953a5a905293f2844f23cd1399773a9c7b3e87a2894b5eb2a1f16c6ba
.exe windows x86

89d89806db726719a03df828730be4a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA
LookupAccountNameW
ImpersonateSelf
GetTokenInformation
BuildTrusteeWithNameW
BuildSecurityDescriptorW
IsTextUnicode
CryptGenRandom
LookupAccountNameA
QueryServiceObjectSecurity
InitiateSystemShutdownW
GetCurrentHwProfileW
DeregisterEventSource
EqualSid
OpenSCManagerA

ws2_32

recv
WSARecv
htonl
WSAAddressToStringW
WSASetLastError
WSAUnhookBlockingHook
WSAEnumNetworkEvents

kernel32

LocalFileTimeToFileTime
PurgeComm
OpenMutexA
IsDBCSLeadByteEx
ScrollConsoleScreenBufferA
IsBadStringPtrA
SetTimeZoneInformation
ExitProcess
FlushConsoleInputBuffer
GetOverlappedResult
SetEnvironmentVariableA
FormatMessageA
LocalAlloc
GetAtomNameA
SetVolumeLabelA
EnumSystemCodePagesW
GetNumberFormatW
DeleteCriticalSection

user32

LoadImageA
DefMDIChildProcW
ChangeDisplaySettingsExA
DeleteMenu
TranslateAcceleratorA
MsgWaitForMultipleObjectsEx
GetSystemMenu
SetWindowsHookExA
GetClassInfoExA
MessageBoxA
IsMenu
CreateCursor
FillRect
IsCharUpperA
LoadMenuA
SetParent
CharToOemBuffA
SetProcessWindowStation

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89d89806db726719a03df828730be4a7

Headers

File Characteristics

Imports

advapi32

ws2_32

kernel32

user32

Sections

.text Size: 323KB - Virtual size: 323KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 323KB - Virtual size: 323KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 32KB - Virtual size: 31KB