870705aae76e687afcd722b325993b4fbd90935a4f64a41e26649accec05cdaa

Sharing

Copy URL Twitter E-mail

General

Target

870705aae76e687afcd722b325993b4fbd90935a4f64a41e26649accec05cdaa
Size

326KB
MD5

933d96699cf8d6d9684ac83f1ca47a80
SHA1

24c9df01704a978660a4a13b2f6468c91a5b8de1
SHA256

870705aae76e687afcd722b325993b4fbd90935a4f64a41e26649accec05cdaa
SHA512

624e0b01955b4d05154aebf84b6c3accfeb4fdfe22ae4c150b28ef85ba1459596b9bc8e91770022e7e060a95abda824d3c1db92cd2deccff4ddd3212cbfdbc6a
SSDEEP

6144:A2uq35KbN65TkoFOqIJICb0kCWVFmWS6HhEe5sldxX6:5uq352N6ic8PC8I6HhvsfX

Score

N/A

Malware Config

Signatures

Files

870705aae76e687afcd722b325993b4fbd90935a4f64a41e26649accec05cdaa
.exe windows x86

92c3ac9efd961acef5c19d831bcb7d3a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

kernel32

HeapReAlloc
GetTempPathW
WideCharToMultiByte
GetProcessTimes
DisconnectNamedPipe
UnhandledExceptionFilter
CompareStringA
FindFirstFileW
HeapSize
VirtualAlloc
InitializeCriticalSectionAndSpinCount
WriteConsoleW
GetModuleHandleW
WaitForSingleObject
SetFileTime
SetEnvironmentVariableW
GetCurrentDirectoryW
VirtualFree
SetUnhandledExceptionFilter
HeapFree
LCMapStringA
CloseHandle
CreateProcessW
CreateMutexW
ExpandEnvironmentStringsW
CreateFileW
GetConsoleMode
GetTempPathA
GetSystemTimeAsFileTime
GetFileType
TlsGetValue
SetHandleCount
LeaveCriticalSection
RtlUnwind
GetProcessHeap
CreateEventW
DeleteCriticalSection
MoveFileW
DuplicateHandle
WriteConsoleA
GetACP
GetUserDefaultLCID
ConnectNamedPipe
ReadFile
GetCurrentThreadId
ExitThread
WaitForMultipleObjects
CopyFileW
FindClose
IsDebuggerPresent
HeapAlloc
GetConsoleOutputCP
FindNextFileW
GetStdHandle
DeleteFileW
SetFileAttributesW
GetLogicalDriveStringsW
CompareStringW
SetConsoleCtrlHandler
CreateNamedPipeW
GetComputerNameW
GetSystemInfo
ReleaseMutex
EnterCriticalSection
IsValidCodePage
CreatePipe
OpenEventW
TlsAlloc
SetThreadPriority
GetConsoleCP
SetEndOfFile
GetModuleHandleA
PeekNamedPipe
FreeLibrary
CreateDirectoryW
LCMapStringW
LocalFree
EnumSystemLocalesA
RemoveDirectoryW
GetCommandLineW
RaiseException
GetUserDefaultLangID
ResetEvent
GetExitCodeThread
FlushFileBuffers
TlsSetValue
SetStdHandle
GetOEMCP
CreateFileA
SetLastError
GetTimeZoneInformation
CreateThread
SetEnvironmentVariableA
FreeEnvironmentStringsW
IsValidLocale
SetFilePointer
TryEnterCriticalSection
LocalAlloc
OpenProcess
GetFileAttributesExW
TlsFree
WriteFile
VirtualAllocEx

user32

MessageBoxA
SetWindowLongW

ws2_32

recv
inet_addr
htons
connect
send
socket
WSAStartup
WSACleanup
ntohl
ioctlsocket
closesocket
htonl

iphlpapi

GetNetworkParams
GetAdaptersInfo

ole32

CoInitializeEx
OleRun
CoUninitialize
CoCreateInstance

advapi32

RegSetValueExW
QueryServiceStatus
RegCloseKey
ReportEventW
RegEnumValueW
DeregisterEventSource
RegDeleteValueW
ControlService
CreateServiceW
DeleteService
RegQueryValueExW
RegCreateKeyExW
SetSecurityDescriptorDacl
SetServiceStatus
RegisterServiceCtrlHandlerW
GetSecurityDescriptorSacl
InitializeSecurityDescriptor
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorSacl
OpenServiceA
RegisterEventSourceW
RegDeleteKeyW
OpenServiceW
ChangeServiceConfig2W
RegOpenKeyExW
QueryServiceConfigW
OpenSCManagerW
StartServiceCtrlDispatcherW
StartServiceW
QueryServiceStatusEx
CloseServiceHandle
RegQueryInfoKeyW
RegEnumKeyExW
ChangeServiceConfigW

oleaut32

SysAllocString
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayCopy
SysFreeString
VariantClear
VariantInit
VariantCopy
SafeArrayGetUBound
SafeArrayGetVartype
SafeArrayGetLBound

comctl32

CreateStatusWindow
DrawStatusTextW
UninitializeFlatSB
FlatSB_ShowScrollBar
ImageList_DragShowNolock
CreateToolbarEx

mciwave

DriverProc

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 29KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 185KB - Virtual size: 899KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92c3ac9efd961acef5c19d831bcb7d3a

Headers

File Characteristics

Imports

winmm

kernel32

user32

ws2_32

iphlpapi

ole32

advapi32

oleaut32

comctl32

mciwave

Sections

.text Size: 20KB - Virtual size: 20KB

.bss Size: 29KB - Virtual size: 323KB

.reloc Size: 185KB - Virtual size: 899KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 69KB - Virtual size: 149KB

.rsrc Size: 16KB - Virtual size: 78KB

.text
Size: 20KB - Virtual size: 20KB

.bss
Size: 29KB - Virtual size: 323KB

.reloc
Size: 185KB - Virtual size: 899KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 69KB - Virtual size: 149KB

.rsrc
Size: 16KB - Virtual size: 78KB