349c258ac671a9324fd7166dbb73ecaa8a339f79d9625810d01b25740be7faad

General

Target

349c258ac671a9324fd7166dbb73ecaa8a339f79d9625810d01b25740be7faad
Size

63KB
MD5

ae64b88cf0284768e40f4841cf57ecfc
SHA1

ddbccf04706b6f5e4d80258e08986cb2418ca4eb
SHA256

349c258ac671a9324fd7166dbb73ecaa8a339f79d9625810d01b25740be7faad
SHA512

6182ade472661714dfe01087eb73cf35db33d7cf8570352aa6e5ff00ae2037ad9195e6ee8ec91c8ea70f6366f8aff9ff98c5752dd6247355a99f86b5e8375cce
SSDEEP

768:vDpMh51C7GQmvb0xTJn3XTcI7qwS2UU7xq5A9jbLkqFcC2vIiB9nZRwznLgrv5Y:vDpM7bvbk5cIBF3jbDzs/RknEdztu

Score

N/A

Malware Config

Signatures

Files

349c258ac671a9324fd7166dbb73ecaa8a339f79d9625810d01b25740be7faad
.exe windows x86

7ea5e76612a83c650831c1508d0d11b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetModuleHandleA
GetVersionExA
CloseHandle
CreateThread
WinExec
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetLastError
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
CreateMutexA
CompareStringW
CompareStringA
LoadLibraryA
GetProcAddress
Sleep
GetLocalTime
GetCurrentProcess
GetTickCount
SetEndOfFile
LCMapStringW
LCMapStringA
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
ReadFile
CreateFileA
SetStdHandle
FlushFileBuffers
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
SetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetTimeZoneInformation
GetSystemTime
TerminateProcess
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType

user32

wsprintfA

advapi32

SetServiceStatus
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegisterServiceCtrlHandlerA

ws2_32

inet_ntoa
send
select
recv
ntohl
WSAIoctl
socket
connect
gethostname
__WSAFDIsSet
WSASocketA
closesocket
setsockopt
htonl
sendto
WSAStartup
htons
inet_addr
gethostbyname
WSACleanup

iphlpapi

GetIfTable

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7ea5e76612a83c650831c1508d0d11b7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

iphlpapi

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 20KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 20KB