8e48db110b2208fd9c6d09dde82f65616e5c62d9c5f466ca77cfa8bf633626ce

Sharing

Copy URL Twitter E-mail

General

Target

8e48db110b2208fd9c6d09dde82f65616e5c62d9c5f466ca77cfa8bf633626ce
Size

1.3MB
MD5

b124bee6bd88b4727a9598e91908aa04
SHA1

43fe7a1318a25e2d1ff09c47bf5c49312fa9aab0
SHA256

8e48db110b2208fd9c6d09dde82f65616e5c62d9c5f466ca77cfa8bf633626ce
SHA512

c266410f98c55bb949a87453aa926fda211a5e7476951353c28a569c57bfd2c2a430f7dcd99ca37cd71039c88077cdd1ab82627d443bd5a006695610db2b5046
SSDEEP

24576:ugo4m5fxx53pGTNT11i/xoZepW23/m+A0lrTp/PxEnH5F4eNvSXp/rrc2Hy:nCbyi5oMo2Pm90BF/YHMiSXp/rrc2Hy

Score

N/A

Malware Config

Signatures

Files

8e48db110b2208fd9c6d09dde82f65616e5c62d9c5f466ca77cfa8bf633626ce
.exe windows x86

e532ba3b3b98ebbdd64f22b009535bfc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getsockopt
ioctlsocket
send
gethostbyname
gethostbyaddr
closesocket
WSASetLastError
getservbyname
socket
recv
getservbyport
ntohs
htons
select
htonl
inet_addr
WSAAddressToStringW
connect
inet_ntoa
WSAGetLastError
WSAStartup
shutdown

wininet

InternetSetOptionW
HttpOpenRequestA
InternetReadFile
InternetOpenA
InternetCloseHandle
InternetCrackUrlA
InternetQueryDataAvailable
InternetQueryOptionW
HttpSendRequestA
HttpQueryInfoA
InternetConnectA

kernel32

HeapAlloc
HeapFree
GetProcessHeap
WriteFile
GetTempFileNameA
CloseHandle
GetTempPathA
DeleteFileA
GetEnvironmentVariableW
CreateProcessW
GetModuleFileNameW
CreateFileW
GetShortPathNameW
HeapReAlloc
FreeLibrary
FormatMessageW
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
CreateFileA
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetVersion
GetFileType
GetStdHandle
MultiByteToWideChar
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
GetVersionExA
FlushConsoleInputBuffer
SetLastError
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
LCMapStringW
LCMapStringA
SetStdHandle
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
EnumSystemLocalesA
GetUserDefaultLCID
IsValidLocale
WriteConsoleA
LocalFree
WriteConsoleW
ReadFile
FlushFileBuffers
FindNextFileA
SetEndOfFile
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
VirtualAlloc
RtlUnwind
FatalAppExitA
VirtualFree
HeapDestroy
HeapCreate
GetConsoleOutputCP
DeleteCriticalSection
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCommandLineA
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetModuleHandleW
Sleep
ExitProcess
GetTimeFormatA
GetDateFormatA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetFullPathNameA
SetConsoleCtrlHandler
InterlockedExchange
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTimeZoneInformation
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetCurrentThread
HeapSize
GetModuleFileNameA

user32

GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

shell32

SHGetFolderPathW

ole32

CoCreateGuid

Sections

.text
Size: 985KB - Virtual size: 985KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e532ba3b3b98ebbdd64f22b009535bfc

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 985KB - Virtual size: 985KB

.rdata Size: 250KB - Virtual size: 249KB

.data Size: 61KB - Virtual size: 86KB

.reloc Size: 50KB - Virtual size: 49KB

.text
Size: 985KB - Virtual size: 985KB

.rdata
Size: 250KB - Virtual size: 249KB

.data
Size: 61KB - Virtual size: 86KB

.reloc
Size: 50KB - Virtual size: 49KB