af8b363d2bbe6e80ff7d86c36a30127e779afaafded17e7c5a381b6f13bcdb3d

Sharing

Copy URL Twitter E-mail

General

Target

af8b363d2bbe6e80ff7d86c36a30127e779afaafded17e7c5a381b6f13bcdb3d
Size

104KB
MD5

c52d74ea4e1e4886eaba86b47d34d5d1
SHA1

908f18f701874360be01e674ae3121872066ffd8
SHA256

af8b363d2bbe6e80ff7d86c36a30127e779afaafded17e7c5a381b6f13bcdb3d
SHA512

0762e1b80d16fa36edfee908ce52af5f8ebe8ecc92b8d4abb597b4f94a043f003b1b99c200eea5f5de34dcaa5c69ed195cf0923d7e5418967dfac4c38e46c339
SSDEEP

768:85117OV0lPraANAWWi7dPkF1notOol02QDNeQKoYi5yLOQ3P4s3c6J4vX:IOVSjNzPkF1notOb2HoYOyif

Score

N/A

Malware Config

Signatures

Files

af8b363d2bbe6e80ff7d86c36a30127e779afaafded17e7c5a381b6f13bcdb3d
.exe windows x86

506cef0c9814e32789030208eddbf2d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
GetCurrentProcess
ReadFile
PeekNamedPipe
WinExec
SetCurrentDirectoryA
GetCurrentDirectoryA
GetComputerNameA
WriteFile
GetDiskFreeSpaceA
GetVolumeInformationA
GetDriveTypeA
GlobalMemoryStatus
GetTempPathA
GetSystemDirectoryA
GetVersionExA
Process32Next
Module32First
GetPriorityClass
OpenProcess
CreateProcessA
CreateToolhelp32Snapshot
GetProcAddress
LoadLibraryA
UnmapViewOfFile
MapViewOfFile
DeviceIoControl
CreateEventA
GetCurrentProcessId
FindNextFileA
FindFirstFileA
LCMapStringA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
FlushFileBuffers
GetOEMCP
GetACP
ExitThread
CreatePipe
CreateThread
GetLastError
TerminateThread
WaitForMultipleObjects
TerminateProcess
DisconnectNamedPipe
CloseHandle
lstrlenA
GetWindowsDirectoryA
GetTickCount
Sleep
lstrcpyA
Process32First
GetCPInfo
WaitForSingleObject
GetExitCodeProcess
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
RtlUnwind
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
ExitProcess
HeapFree
HeapAlloc
GetLocalTime
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetFileAttributesA
UnhandledExceptionFilter
GetModuleFileNameA
LCMapStringW

user32

EnumDisplaySettingsA
MessageBoxA
ExitWindowsEx
FindWindowA
SystemParametersInfoA
ClipCursor
ShowWindow

advapi32

StartServiceCtrlDispatcherA
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
GetUserNameA
OpenSCManagerA
OpenServiceA
CreateServiceA
ChangeServiceConfig2A
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceA
QueryServiceStatus
CloseServiceHandle

shell32

SHFileOperationA

ws2_32.dll

ord1
ord2
ord21
ord9
ord23
ord115
ord3
ord16
ord19
ord15
ord13

winmm

mciSendStringA
PlaySoundA

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DAStub
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

506cef0c9814e32789030208eddbf2d7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32.dll

winmm

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 40KB - Virtual size: 40KB

DAStub Size: 12KB - Virtual size: 12KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 40KB - Virtual size: 40KB

DAStub
Size: 12KB - Virtual size: 12KB