203da6dde5af7d342395adee7e6d12630adcb6caf6e4565a0f5cb0cd9a6be062

Sharing

Copy URL Twitter E-mail

General

Target

203da6dde5af7d342395adee7e6d12630adcb6caf6e4565a0f5cb0cd9a6be062
Size

650KB
MD5

767feb32c7efa7202e1faf7b59090b07
SHA1

bb426755a146623aa8a8ced381cd27873bd9a48b
SHA256

203da6dde5af7d342395adee7e6d12630adcb6caf6e4565a0f5cb0cd9a6be062
SHA512

c4132ec38ff98281f2cd78ea064df8f1690920a0d190359a9f97f7abe4c49dc5ab852f26927b3cb8fc4e6a49c16585d9549b6c1e302ee5530aff1c418c998921
SSDEEP

12288:MMMHMO9+nHzmc7nuXZ4qRGI5Z360W/EG28c3:m9smCuXZ4cDK0WQ88

Score

N/A

Malware Config

Signatures

Files

203da6dde5af7d342395adee7e6d12630adcb6caf6e4565a0f5cb0cd9a6be062
.exe windows x86

c002d9cf9a7fc0e1c61458b3cc4b8e6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
gethostbyaddr
WSAStringToAddressA
WSAIsBlocking
WSAEnumProtocolsW
WSAEnumNameSpaceProvidersA
WSAGetQOSByName
getservbyname
WSADuplicateSocketA
WSAGetLastError

oleaut32

VariantCopy
LoadTypeLi
VariantChangeType
SetErrorInfo
SysStringLen

kernel32

EndUpdateResourceA
CreateNamedPipeW
SetErrorMode
GetVolumeInformationW
DeleteCriticalSection
SizeofResource
FormatMessageA
ExitProcess
VirtualAllocEx
GlobalAddAtomA
FreeLibraryAndExitThread
FindFirstFileExW
SetSystemTime
GetDriveTypeW
GetPrivateProfileStringW
SetFileAttributesA
GetConsoleCursorInfo
SetEndOfFile
VirtualProtect
OutputDebugStringW
GetLogicalDriveStringsA
ScrollConsoleScreenBufferA
SetThreadLocale
ReadConsoleOutputA
GetHandleInformation
EnumTimeFormatsW
SetThreadPriorityBoost
EnumCalendarInfoA
GetFileInformationByHandle
GetConsoleMode
GetCurrentDirectoryW
GetCommState

user32

PeekMessageW
TrackPopupMenuEx
CharLowerA
MonitorFromPoint
EnumDisplaySettingsW
MonitorFromWindow
WaitMessage
GetDlgItemTextW
InvertRect
GetNextDlgTabItem
LoadBitmapA
RemovePropW
GetActiveWindow
WindowFromPoint
OpenClipboard
SetMenuItemInfoA
RegisterClassA
TileWindows
IsCharLowerA
CopyImage
WinHelpA
GetMonitorInfoA
SendMessageCallbackW
ClientToScreen
IsCharUpperW
ChangeMenuA
EndPaint
WindowFromDC
CreateDialogParamA
ModifyMenuW
GetKeyboardType
CreateMDIWindowW

advapi32

RegOpenKeyW
RegCreateKeyW
CryptCreateHash
CryptGetUserKey
CloseServiceHandle
RevertToSelf
AddAccessDeniedAce
CryptDestroyKey
GetLengthSid
ImpersonateLoggedOnUser
AdjustTokenPrivileges
RegLoadKeyW
AllocateAndInitializeSid
SetSecurityDescriptorDacl
RegNotifyChangeKeyValue
OpenSCManagerW
OpenEventLogW

msvcrt

_fstat
_mbsupr
time
ftell
calloc
wcstok
_ultow

Sections

.text
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c002d9cf9a7fc0e1c61458b3cc4b8e6a

Headers

File Characteristics

Imports

ws2_32

oleaut32

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 306KB - Virtual size: 305KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 328KB - Virtual size: 328KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 306KB - Virtual size: 305KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 328KB - Virtual size: 328KB

.rsrc
Size: 10KB - Virtual size: 9KB