578802929c0e9f5c523216b2bc6435cafa4f79501cb4865de68843419460c021

Sharing

Copy URL Twitter E-mail

General

Target

578802929c0e9f5c523216b2bc6435cafa4f79501cb4865de68843419460c021
Size

144KB
MD5

08c80dc6c0c18310e6bef34047b205b3
SHA1

10940602e30da4790e12b870a390f8c9025e8583
SHA256

578802929c0e9f5c523216b2bc6435cafa4f79501cb4865de68843419460c021
SHA512

70344381a8d66094f72c708b021e84ef950ce448a2da1da91d9aa1d2da215ba6d9947e14c5dbe06a74e597ebaad1a89d7ef24c9c25954137dea07c04dbb46a2e
SSDEEP

1536:ELL2znStx2CL85m9jbGtHYrGN9BRUKRETr5iL4NUSALrjvvH/nI9vY522U4vOaqC:Cas/ozxUKRUr5QSALvH/n2w52YGLle

Score

N/A

Malware Config

Signatures

Files

578802929c0e9f5c523216b2bc6435cafa4f79501cb4865de68843419460c021
.exe windows x86

a02b846de59e621d00c545ccbe067dc1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalMemoryStatus
GetProcAddress
GetModuleHandleA
CreateThread
GetSystemInfo
ExitProcess
WaitForSingleObject
CopyFileA
DeleteFileA
GetModuleFileNameA
GetCurrentProcessId
Sleep
GetTickCount
CreateToolhelp32Snapshot
Process32First
TerminateProcess
Process32Next
GetCurrentProcess
CloseHandle
SetStdHandle
FlushFileBuffers
LoadLibraryA
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapReAlloc
VirtualAlloc
HeapSize
GetLocaleInfoA
OpenProcess
GetLastError
GetSystemTimeAsFileTime
RtlUnwind
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetCommandLineA
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
RaiseException
HeapFree
CreateFileA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetHandleCount
GetStdHandle
GetFileType
WriteFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

advapi32

RegCreateKeyExA
LookupPrivilegeValueA
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
RegSetValueExA
RegCloseKey
OpenProcessToken

shell32

ShellExecuteA

ws2_32

select
__WSAFDIsSet
recv
WSAIoctl
connect
send
htonl
socket
setsockopt
sendto
closesocket
inet_addr
gethostbyname
htons
WSAStartup
WSASocketA

iphlpapi

GetIfTable

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a02b846de59e621d00c545ccbe067dc1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

iphlpapi

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 73KB - Virtual size: 80KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 73KB - Virtual size: 80KB

.rsrc
Size: 512B - Virtual size: 436B