04f10c40eff2333bd0da9c6f320bce3066f625746249bebc2e808b0df496aa4a

Sharing

Copy URL Twitter E-mail

General

Target

04f10c40eff2333bd0da9c6f320bce3066f625746249bebc2e808b0df496aa4a
Size

24KB
MD5

1cf42ff1eaae0ed2127a1e59dbba652a
SHA1

c202fbbae17adaabb8e5884bb77fdc1782d5b224
SHA256

04f10c40eff2333bd0da9c6f320bce3066f625746249bebc2e808b0df496aa4a
SHA512

c529d0d964db0b4a8b560188a352dc68b0b387006376d9a403f74e882d9cd0ee304d3d9383e2eacdea3a3e4e0efa25a7326553c0b9752459ca328232ab08fb66
SSDEEP

384:K0O/VCJ+qJ/6W65rgTZ4epJANSoq61/tpes:LMQJj1sG4e3ANSD8nes

Score

N/A

Malware Config

Signatures

Files

04f10c40eff2333bd0da9c6f320bce3066f625746249bebc2e808b0df496aa4a
.exe windows x86

14f7ccd4a598855378051b1180883495

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
lstrcpyA
ExpandEnvironmentStringsA
CloseHandle
WriteFile
CreateFileA
GlobalMemoryStatus
GetVersionExA
TerminateThread
Sleep
GetStartupInfoA
GetModuleHandleA
CreateThread
ResumeThread
GetCurrentDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
FreeLibrary
CopyFileA
CreateProcessA
ExitProcess
GetVersion
LoadLibraryA
GetProcAddress
GetCurrentProcessId
GetTempPathA

user32

DispatchMessageA
GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
PostQuitMessage
DefWindowProcA
TranslateMessage

advapi32

StartServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
OpenServiceA
CreateServiceA
OpenSCManagerA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
CloseServiceHandle

ws2_32

htons
inet_addr
send
WSAAsyncSelect
socket
WSAStartup
WSAGetLastError
recv
closesocket
WSACleanup
sendto
ntohl
setsockopt
WSASocketA
connect
htonl

mfc42

ord5186
ord3318
ord5773
ord5442
ord1979
ord665
ord825
ord389
ord540
ord2818
ord3229
ord5204
ord5808
ord5356
ord800
ord1988
ord690
ord823
ord815
ord561
ord354

msvcrt

_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
printf
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
_itoa
rand
__dllonexit
_local_unwind2
_acmdln
_strlwr
_controlfp
__set_app_type
_except_handler3
__p__fmode
_stricmp
atoi
strncpy
strcspn
strstr
__CxxFrameHandler
sprintf
strncmp

msvcp60

??0Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14f7ccd4a598855378051b1180883495

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

mfc42

msvcrt

msvcp60

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 160B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 160B