7e9a24bcc47ccbc0464d027edcb08c53f49244a533039cd04fff1eba850d4536

Sharing

Copy URL

Twitter E-mail

General

Target

7e9a24bcc47ccbc0464d027edcb08c53f49244a533039cd04fff1eba850d4536
Size

621KB
MD5

3bfa0949d9c27c8a3a0e9d2051af4e56
SHA1

925985bd3b45ac49d0d0015aca04218104ad07d0
SHA256

7e9a24bcc47ccbc0464d027edcb08c53f49244a533039cd04fff1eba850d4536
SHA512

5705dfe228960a258862aac99e50e2b6083f4a788aece56917bc0ba84250d844394ca1238d16a24f32a9855e521cb49a619c3cbb20df038feb421ac93caefd9d
SSDEEP

12288:6MJoRRJVX/hS00PeMYPLCul+8dHqAQN3Zq70S4MStkUfj31iTrbzqF:rm/VX/s0iezISTUfjoTrbzI

Score

N/A

Malware Config

Signatures

Files

7e9a24bcc47ccbc0464d027edcb08c53f49244a533039cd04fff1eba850d4536
.exe windows x86

a6f3ce56ba26b16302ff4f1d2aed9fa2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ws2_32

setsockopt
getsockopt
ioctlsocket
accept
listen
shutdown
getsockname
getpeername
inet_ntoa
ntohs
connect
WSAAsyncGetHostByName
ntohl
recv
WSACancelAsyncRequest
closesocket
bind
inet_addr
WSAAsyncSelect
socket
htons
gethostbyname
gethostname
WSASetLastError
WSAGetLastError
WSAStartup
WSACleanup
send

kernel32

LoadLibraryA
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
GetLocalTime
GetSystemTime
SystemTimeToFileTime
GetLastError
SizeofResource
FindResourceW
GetModuleHandleW
SetLastError
FreeLibrary
LoadLibraryW
GetProcAddress
lstrlenW
WideCharToMultiByte
GetCurrentThreadId
MultiByteToWideChar
DeleteFileW
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
MoveFileW
FileTimeToSystemTime
CreateFileW
SetFileTime
CloseHandle
WriteFile
InitializeCriticalSectionAndSpinCount
SetFilePointer
FindFirstFileW
FindNextFileW
FindClose
ReadFile
SetEndOfFile
CreateThread
WaitForSingleObject
Sleep
GetTimeZoneInformation
SetThreadPriority
GetCurrentThread
GetDateFormatW
GetTimeFormatW
CreateEventW
SetEvent
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
ResumeThread
FlushFileBuffers
VirtualAlloc
VirtualFree
HeapCreate
GetFileType
GetStdHandle
SetHandleCount
GetStringTypeA
ExitProcess
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
LCMapStringA
LCMapStringW
RtlUnwind
RaiseException
HeapAlloc
GetStartupInfoA
GetCommandLineA
HeapFree
GetSystemTimeAsFileTime
GetLocaleInfoW
SetStdHandle
CreateFileA
GetModuleHandleA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
HeapReAlloc

user32

PostThreadMessageW
SendMessageW
FindWindowW
DispatchMessageW
TranslateMessage
GetMessageW
EnumWindows
GetWindowTextW
GetClassNameW
MessageBoxW
PostQuitMessage
LoadStringA
RegisterWindowMessageW
SetTimer
DefWindowProcW
KillTimer
GetWindowLongW
PostMessageW
PeekMessageW
DestroyWindow
SetWindowLongW
CreateWindowExW
RegisterClassExW
LoadStringW

advapi32

RegisterServiceCtrlHandlerW
ControlService
DeleteService
StartServiceW
CreateServiceW
StartServiceCtrlDispatcherW
CloseServiceHandle
QueryServiceStatus
OpenServiceW
OpenSCManagerW
SetServiceStatus

Sections

.text
Size: 509KB - Virtual size: 509KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6f3ce56ba26b16302ff4f1d2aed9fa2

Headers

DLL Characteristics

File Characteristics

Imports

version

ws2_32

kernel32

user32

advapi32

Sections

.text Size: 509KB - Virtual size: 509KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 509KB - Virtual size: 509KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 10KB - Virtual size: 9KB