24d5f06eb344e99f32ca1fdbd712f9d6dcb4f3b88069273570f3807af1e2342d

Sharing

Copy URL

Twitter E-mail

General

Target

24d5f06eb344e99f32ca1fdbd712f9d6dcb4f3b88069273570f3807af1e2342d
Size

57KB
MD5

2288112ddbb4c58c0c12a7282226645a
SHA1

9c85dc47b5738ea472495283109e5c8871ad041d
SHA256

24d5f06eb344e99f32ca1fdbd712f9d6dcb4f3b88069273570f3807af1e2342d
SHA512

4fbd1fd22b3f59b59839e220eaec1d6bd07f8fa6b8528c69e007d1afec4f6094ddd6a7bd1a6cff54317829bdf2d333cdbc058ac73266a8d071d45df93ea28557
SSDEEP

1536:gfCCBgCXgHN1G6xsNM4zs3G/SNd3G2Ae:ED+CXSN1GaEMgs3G/SNd3G2Ae

Score

N/A

Malware Config

Signatures

Files

24d5f06eb344e99f32ca1fdbd712f9d6dcb4f3b88069273570f3807af1e2342d
.exe windows x86

c640ee3f4101bdd4ad01efbf12a3a3aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal
CoTaskMemFree

kernel32

_lread
_lwrite
lstrcatA
lstrcmpA
lstrcmpiA
_lopen
lstrcpynA
lstrlenA
lstrlenW
_lcreat
_lclose
WriteFile
WideCharToMultiByte
UnmapViewOfFile
Sleep
SetFilePointer
RtlMoveMemory
CloseHandle
RemoveDirectoryA
ReadFile
Process32Next
Process32First
OpenProcess
MultiByteToWideChar
MoveFileA
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
GlobalMemoryStatus
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetTempPathA
GetSystemDirectoryA
GetStartupInfoA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
GetModuleHandleA
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
GetLocalTime
GetLastError
GetFileSize
GetFileAttributesA
GetEnvironmentVariableA
GetDriveTypeA
GetDiskFreeSpaceA
GetCurrentProcess
GetCurrentDirectoryA
GetComputerNameA
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
DeleteFileA
CreateToolhelp32Snapshot
CreateThread
CreateProcessA
CreateFileMappingA
CreateFileA
CreateDirectoryA
CompareStringA
lstrcpyA

user32

MessageBoxA
GetMessageA
GetDC
DispatchMessageA
CreateWindowExA
wsprintfA
ReleaseDC
TranslateMessage
SetTimer
SetWindowLongA

oleaut32

SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData

advapi32

GetUserNameA
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges

shlwapi

StrRChrA
StrStrIA
StrCmpNA
StrChrA

shell32

ShellExecuteA

wsock32

gethostname
connect
closesocket
bind
accept
WSAStartup
getsockname
htons
socket
shutdown
send
recv
listen

ws2_32

WSAIoctl
WSASocketA

rasapi32

RasEnumEntriesA
RasGetEntryPropertiesA
RasGetEntryDialParamsA

gdi32

GetDeviceCaps

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c640ee3f4101bdd4ad01efbf12a3a3aa

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

shlwapi

shell32

wsock32

ws2_32

rasapi32

gdi32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 23KB - Virtual size: 205KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 23KB - Virtual size: 205KB