ad120c314c08827605e0b085b6d2def238e04e2426cbe24ea9fbebe81a82f802

Sharing

Copy URL Twitter E-mail

General

Target

ad120c314c08827605e0b085b6d2def238e04e2426cbe24ea9fbebe81a82f802
Size

136KB
MD5

403e3604e84ae85729f3f3b5998ec510
SHA1

be41795d10b64af72a0e4f43f579ad8035f509ff
SHA256

ad120c314c08827605e0b085b6d2def238e04e2426cbe24ea9fbebe81a82f802
SHA512

5f638d6f776f3bfcb51e9efaa734bc89d071a0bb627ff809510267d1ce421480411cdc46d3065c081a658be1fc5d1aab09206d5e60f0efb93db9ae5b4fbdd3cc
SSDEEP

3072:2i8LdwLB0MAYboqp4nLyGKqdgYYqR8Ugl:tsdw6Mloqp4Ly9agZqiU2

Score

N/A

Malware Config

Signatures

Files

ad120c314c08827605e0b085b6d2def238e04e2426cbe24ea9fbebe81a82f802
.exe windows x86

35871a96977d4002de492fba34a74587

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_ntoa
WSAConnect
WSAGetLastError
WSAAsyncGetHostByName
WSAStartup
WSACancelAsyncRequest
htons
send
recv
WSAAsyncSelect
closesocket
socket
WSACleanup

shell32

ShellExecuteW
SHGetSpecialFolderPathW

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyW

user32

GetWindowTextLengthW
GetWindowTextW
UnhookWinEvent
SetTimer
KillTimer
GetMessageA
TranslateMessage
DispatchMessageA
GetForegroundWindow
OpenClipboard
GetClipboardData
CloseClipboard
LoadIconA
RegisterClassExW
CreateWindowExW
DefWindowProcA
PostMessageA
DestroyWindow
UnregisterClassW
GetKeyboardLayoutNameA
SetWindowsHookExA
CallNextHookEx
GetKeyState
SetKeyboardState
UnhookWindowsHookEx
SetWinEventHook
LoadCursorA

kernel32

QueryPerformanceCounter
HeapCreate
GetFileType
GetTickCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
IsValidCodePage
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetHandleCount
WriteFile
GetOEMCP
GetACP
GetCPInfo
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetStdHandle
HeapSize
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsProcessorFeaturePresent
HeapFree
GetLastError
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetSystemDirectoryA
FreeLibrary
SetProcessWorkingSetSize
GetCurrentProcess
CopyFileW
CreateDirectoryW
DeleteFileW
CloseHandle
CreateFileW
GetSystemTime
CreateThread
GlobalUnlock
GlobalLock
ReadFile
GetFileSize
SetCurrentDirectoryW
GetModuleFileNameW
LockResource
LoadResource
SizeofResource
FindResourceA
RaiseException
RtlUnwind
EncodePointer
DecodePointer
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc

Exports

Exports

_FtpCreateDirectoryA@8
_FtpPutFileA@20
_FtpSetCurrentDirectoryA@8
_InternetCloseHandle@4
_InternetConnectA@32
_InternetOpenA@20

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35871a96977d4002de492fba34a74587

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

shell32

advapi32

user32

kernel32

Exports

Exports

Sections

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 9KB - Virtual size: 8KB