b1fa885410963a10978a87104a39dcecf858d4d82af4430c04cc50c44121b32a

General

Target

b1fa885410963a10978a87104a39dcecf858d4d82af4430c04cc50c44121b32a
Size

60KB
MD5

ed352491b80a9323a0d79aa019e97aad
SHA1

5f36f836a31942bfa2ba3ea8b5dfd959bff67ea4
SHA256

b1fa885410963a10978a87104a39dcecf858d4d82af4430c04cc50c44121b32a
SHA512

3cac3c665b891686fa729d1fa63317c1cb6255171527518cbec76e226f8f1e89c0348db50434ab8a33075227e44cf441c350bf037c0bf00ecf3d0999a7cb28b5
SSDEEP

1536:8D/+YI3c5sdBTuE7l3ooR9SbDakhxdBtBHxmi7:oi3c5s7lnnSbD3BtBRmU

Score

N/A

Malware Config

Signatures

Files

b1fa885410963a10978a87104a39dcecf858d4d82af4430c04cc50c44121b32a
.exe windows x86

2db8271ac2f6ecaa530576fb2a3b5a4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
InitializeCriticalSection
HeapSize
DeleteFileA
SuspendThread
GetEnvironmentVariableA
HeapCreate
WaitForSingleObject
GetModuleHandleA
AddAtomW
ReleaseMutex
GetSystemInfo
GetCurrentDirectoryA
GetStartupInfoW
FindClose
GetTickCount
ResetEvent
CloseHandle
CreateFileA
CreateMutexW
FindClose
ExitProcess
GetFileSize
HeapDestroy
SetEndOfFile

wininet

DeleteUrlCacheEntryA
FtpGetCurrentDirectoryA
FtpPutFileA
HttpQueryInfoA
FtpDeleteFileA
HttpEndRequestA
FtpOpenFileA
FtpFindFirstFileA
FtpGetFileA
DeleteUrlCacheEntryA
DeleteUrlCacheEntryA
FtpCreateDirectoryA
FindCloseUrlCache

perfos

CloseOSObject
CloseOSObject
CloseOSObject
CloseOSObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qftbotp
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xdzmxny
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2db8271ac2f6ecaa530576fb2a3b5a4b

Headers

File Characteristics

Imports

kernel32

wininet

perfos

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 10B

.rsrc Size: 54KB - Virtual size: 82KB

qftbotp Size: - Virtual size: 32KB

xdzmxny Size: - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 10B

.rsrc
Size: 54KB - Virtual size: 82KB

qftbotp
Size: - Virtual size: 32KB

xdzmxny
Size: - Virtual size: 4KB