61b49507c0dec6e07b36b5b206112bc37efef8d6e9b66064959b41c8d0364fbe

Sharing

Copy URL Twitter E-mail

General

Target

61b49507c0dec6e07b36b5b206112bc37efef8d6e9b66064959b41c8d0364fbe
Size

236KB
MD5

ae844fbb2452bb2f2d3e79566dafb6c1
SHA1

d2fbce02c210b007f956fe6d4d34be0b159ac6d5
SHA256

61b49507c0dec6e07b36b5b206112bc37efef8d6e9b66064959b41c8d0364fbe
SHA512

7dfcd43651709ccd977c5c0f59b2a815e12e384cd31d69ac76c2ee0a75bc435e3ec3d561a24f11ead4672d6de57181c8e295c75e51fe51fed3d50cc84c80570e
SSDEEP

6144:MaARJYrMu81ZH8Bwa7NIzr+YlE/3nVx3e//1xcD+/4T:XZMP1ZHkwhf+JVxYxu+2

Score

N/A

Malware Config

Signatures

Files

61b49507c0dec6e07b36b5b206112bc37efef8d6e9b66064959b41c8d0364fbe
.exe windows x86

a44cbe4e6ef0f8ee6d258f115d2eaef7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoRevokeClassObject
CoTaskMemFree
CoTaskMemAlloc

ws2_32

gethostbyname
sendto
socket
getsockname
shutdown
gethostname
setsockopt
getservbyname
htons
recv
send
recvfrom
htonl

odbc32

ord142
ord43
ord44
ord145
ord147
ord154
ord155
ord59
ord166
ord167
ord68
ord69
ord170
ord72
ord24
ord26
ord28
ord29
ord31
ord132
ord133
ord37
ord138
ord139
ord173
ord74
ord75

kernel32

Sleep
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
LCMapStringW
LCMapStringA
SetEndOfFile
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
ReadFile
GetProcAddress
GetOEMCP
GetACP
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetFilePointer
WriteFile
CloseHandle
GetCurrentThread
GetLastError
SetLastError
WriteConsoleW
lstrcpyA
GetSystemWindowsDirectoryA
QueryPerformanceCounter
CreateFileA
GetWindowsDirectoryA
GetSystemTime
OpenProcess
GetVersionExA
GetModuleHandleA
GetDateFormatA
FindResourceA
FlushFileBuffers
CreateThread
LocalFree
LocalAlloc
DeviceIoControl
GetCurrentProcess
LoadLibraryA
TlsGetValue
TlsAlloc
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
RtlUnwind
HeapReAlloc
HeapAlloc
ExitProcess
TerminateProcess
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
FatalAppExitA
HeapSize
GetCurrentThreadId
TlsSetValue
TlsFree

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 510KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a44cbe4e6ef0f8ee6d258f115d2eaef7

Headers

File Characteristics

Imports

ole32

ws2_32

odbc32

kernel32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 76KB - Virtual size: 510KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 76KB - Virtual size: 510KB