adb51085be45dc20479f6054f0c812a6d9947f582cfdf71831c8d5d131e6e63b

Sharing

Copy URL Twitter E-mail

General

Target

adb51085be45dc20479f6054f0c812a6d9947f582cfdf71831c8d5d131e6e63b
Size

199KB
MD5

0773f75492098a20bfa9175f11e85b44
SHA1

3496bcc3116da9a471a247d333555199e9236fb6
SHA256

adb51085be45dc20479f6054f0c812a6d9947f582cfdf71831c8d5d131e6e63b
SHA512

f68679795396ea820776ef14434d0f0808c1ce7d3fa8a27939b1f3e14872d8bc6ff3af29ddbdb726dd2f755ecada1b4a3c390066b45079dac4a836ce1c3fa712
SSDEEP

6144:Hupy1wn8Wc0SduWBlTNb2gf/n28zJdRiW/XN/gHl1lRKC3tvMztC/6:Hcuwzc0SduWBlTNb2gzRiW/XqXMzoy

Score

N/A

Malware Config

Signatures

Files

adb51085be45dc20479f6054f0c812a6d9947f582cfdf71831c8d5d131e6e63b
.exe windows x86

6fa0c8be99477af3ea3ef8612173bb3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memmove
_strnicmp
strncmp
strncpy
_strdup
free
memcpy
strlen
strcpy
_stricmp
strcmp
tolower
atoi
sprintf
strstr
sscanf
localtime
mktime
printf
exit
fprintf
bsearch
vsprintf
_CIsqrt
_CIlog
strncat
_CIpow
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_finite
_isnan
_CIlog10
_CIfmod
floor
ceil
_CIsin
_CIsinh
_CItan
_CItanh
toupper
malloc
fopen
fgets
fclose
vfwprintf
vfprintf
_vsnwprintf
memchr
_wcsicmp
wcsncmp
_wcsnicmp
wcsncpy
strchr
getenv
qsort
feof
time
ctime
fwrite
fflush
_open_osfhandle
_fdopen
setvbuf
_fileno
_isatty
system
_getcwd
setlocale
swscanf
atof
_wcsdup

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
GetCurrentThreadId
Sleep
HeapFree
TlsGetValue
HeapAlloc
TlsSetValue
TlsAlloc
WaitForMultipleObjects
EnterCriticalSection
CloseHandle
LeaveCriticalSection
InitializeCriticalSection
GetCurrentProcess
GetCurrentThread
DuplicateHandle
CreateSemaphoreA
CreateThread
ReleaseSemaphore
HeapValidate
CreateFileA
WriteFile
ReadFile
SetFilePointer
GetFileSize
DeleteCriticalSection
HeapReAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
GetLocalTime
GetLastError
SetLastError
CreateFileW
FindFirstFileA
GetFileAttributesA
FindNextFileA
FindClose
MultiByteToWideChar
HeapSize
WideCharToMultiByte
GetTickCount
SuspendThread
ResumeThread
OpenMutexA
SetEnvironmentVariableA
WaitForSingleObject
TerminateThread
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
AllocConsole
SetConsoleTitleA
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
IsBadReadPtr
PeekNamedPipe
OpenProcess
FreeConsole
GetConsoleMode
SetConsoleMode

user32

PostThreadMessageA

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

wsock32

closesocket
WSACleanup
WSAStartup
socket
inet_addr
gethostbyname
htons
connect
ioctlsocket
send
sendto
recvfrom
recv
WSAGetLastError
bind
listen
accept
setsockopt

Sections

.code
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fa0c8be99477af3ea3ef8612173bb3b

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

wsock32

Sections

.code Size: 4KB - Virtual size: 3KB

.text Size: 140KB - Virtual size: 140KB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 8KB - Virtual size: 93KB

.rsrc Size: 1024B - Virtual size: 700B

.code
Size: 4KB - Virtual size: 3KB

.text
Size: 140KB - Virtual size: 140KB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 8KB - Virtual size: 93KB

.rsrc
Size: 1024B - Virtual size: 700B