8b3e02cf70d3ec1e0df310b115e380c34554185236246a9f9b096d19fe6fdd16

Sharing

Copy URL Twitter E-mail

General

Target

8b3e02cf70d3ec1e0df310b115e380c34554185236246a9f9b096d19fe6fdd16
Size

72KB
MD5

6966d96ed4c27b5873ff720256e92fb7
SHA1

464f56281eb6fabcc346fccf8054b9c4830080dc
SHA256

8b3e02cf70d3ec1e0df310b115e380c34554185236246a9f9b096d19fe6fdd16
SHA512

14c5a603a07bb6978f2dafc05f938f73caeb990f32ae08d1981d5b0339a51f131cbc90e89b5787478b1c2ee4034f44ff927d4b220e3d8623970389c5281ef4cb
SSDEEP

1536:dRwcdKr4bMPqwo65hjsbY3cME/O7Wky2:Uclyqwoghjs8sMiO7Wky2

Score

N/A

Malware Config

Signatures

Files

8b3e02cf70d3ec1e0df310b115e380c34554185236246a9f9b096d19fe6fdd16
.exe windows x86

323f8c1b07c262008c1bbce6c0bf4da5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetSystemDirectoryA
CreateMutexA
DeleteFileA
Sleep
GetTempFileNameA
GetTempPathA
CreateProcessA
WinExec
Module32Next
Module32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GetModuleHandleA
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
OpenProcess
DisconnectNamedPipe
PeekNamedPipe
ConnectNamedPipe
CreateNamedPipeA
TerminateThread
OpenMutexA
WaitForSingleObject
CreateThread
WaitNamedPipeA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
ExitProcess
CreateEventA
SetEvent
OpenEventA
SizeofResource
GlobalFree
LockResource
LoadResource
FindResourceA
GetVersionExA
CopyFileA
GetModuleFileNameA
_lclose
_lwrite
_lcreat
MoveFileExA
ReleaseMutex
GetWindowsDirectoryA
GetLastError
DeviceIoControl
DefineDosDeviceA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetStdHandle
SetFileAttributesA
GetFileSize
VirtualAlloc
ReadFile
VirtualFree
SetFilePointer
CreateFileA
WriteFile
CloseHandle
LoadLibraryA
UnmapViewOfFile
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
HeapFree
HeapReAlloc
TerminateProcess
GetCurrentProcess
FlushFileBuffers

user32

GetWindowThreadProcessId
EnumWindows
wsprintfA
PostMessageA

advapi32

DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
OpenServiceA
StartServiceA
QueryServiceStatus
RegCreateKeyExA
RegSetValueExA
RegCloseKey
ControlService

ws2_32

recvfrom
closesocket
WSACleanup
sendto
inet_ntoa
ioctlsocket
setsockopt
inet_addr
htons
socket
WSAStartup
ntohs

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

323f8c1b07c262008c1bbce6c0bf4da5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 24KB - Virtual size: 20KB