47dd0c61c5c5dabbdcd2954eb997fc4e6e6fda6341a7cad3c566490fbcab7207

Sharing

Copy URL Twitter E-mail

General

Target

47dd0c61c5c5dabbdcd2954eb997fc4e6e6fda6341a7cad3c566490fbcab7207
Size

84KB
MD5

7df4a89100f5691a0e3afa0885e8cd00
SHA1

9b887be93ce194578066c03a19c4890415fa5da2
SHA256

47dd0c61c5c5dabbdcd2954eb997fc4e6e6fda6341a7cad3c566490fbcab7207
SHA512

deafaa7d93e877c6aeb1b6b571cb9eb9c287dc7c65a73273d7b8f2613648cd26c8875d80846cc9d2d0e74646b139d86b4ca4e804bf618212f6714c40ac4b7ad9
SSDEEP

768:oXMqxaW01PaRjHYdJDx8rKtYZzb7D88IVGu5kSuO3ZU3VnmLWtvwybHcqo9Wtjj:6Mi8PKjHYQBY1IuBTSt4ybHcnIMg7RK

Score

N/A

Malware Config

Signatures

Files

47dd0c61c5c5dabbdcd2954eb997fc4e6e6fda6341a7cad3c566490fbcab7207
.exe windows x86

a686cecab0cbec1a8b33519678da41f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CloseHandle
ReleaseMutex
OpenMutexA
WinExec
GetTempPathA
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetEnvironmentVariableA
GetShortPathNameA
WaitForSingleObject
GetModuleFileNameA
CreateMutexA
WriteFile
lstrlenA
GlobalMemoryStatusEx
GetComputerNameA
GetLocaleInfoW
SetFileAttributesA
FreeLibrary
CreateThread
CreateProcessA
GetCurrentProcess
SetProcessWorkingSetSize
Sleep
ExitThread
GetSystemDirectoryA
lstrcatA
lstrcpyA
GetTickCount
LoadLibraryA
ExitProcess
GetProcAddress
LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
LocalAlloc
InterlockedExchange
RaiseException
HeapAlloc
RtlUnwind
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte

advapi32

CreateServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
RegCloseKey
RegOpenKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
DeleteService
RegQueryValueExA

shell32

ShellExecuteA

ws2_32

__WSAFDIsSet
WSAIoctl
htonl
send
recv
WSAStartup
select
sendto
setsockopt
inet_addr
gethostbyname
socket
htons
connect
WSASocketA
closesocket

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a686cecab0cbec1a8b33519678da41f9

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 16KB - Virtual size: 16KB