c74b59ffbb558a61c1a3a22de05ed0e8aeb33b3a7e9ad3a3c78c03b71ae8318d

Sharing

Copy URL Twitter E-mail

General

Target

c74b59ffbb558a61c1a3a22de05ed0e8aeb33b3a7e9ad3a3c78c03b71ae8318d
Size

140KB
MD5

68123e2bcaafbee901b78343edabded2
SHA1

c1149d69c57cf57051b4cb5342574aec7c4b9a15
SHA256

c74b59ffbb558a61c1a3a22de05ed0e8aeb33b3a7e9ad3a3c78c03b71ae8318d
SHA512

238825fdebff6a758d45820c739affe0af54f488daffb209d63bebbab259e14f8fafbc85398e133f3c9875d3e981eb237de3c9a6580c950cbafd28ff138cdc66
SSDEEP

3072:jlIgGTD+E3ZwOx1yh9SdADxL0yYSsU4JKTBfjlyg//z6:jlITTDXNyhDayYSsWTB7lyg//

Score

N/A

Malware Config

Signatures

Files

c74b59ffbb558a61c1a3a22de05ed0e8aeb33b3a7e9ad3a3c78c03b71ae8318d
.exe windows x86

f50fc34787f72890d95c79c5228f47d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

recvfrom
connect
listen
accept
__WSAFDIsSet
WSAGetLastError
bind
recv
select
getsockname
getpeername
shutdown
gethostbyname
send
ntohs
inet_ntoa
ntohl
WSAStartup
inet_addr
socket
setsockopt
sendto
WSASocketA
WSAIoctl
closesocket
htons
htonl

wininet

InternetConnectA
HttpSendRequestA
InternetOpenA
InternetReadFile
InternetQueryDataAvailable
InternetSetOptionA
HttpOpenRequestA
InternetCloseHandle

dnsapi

DnsQueryConfig
DnsQuery_A
DnsRecordListFree

kernel32

GetProcAddress
VirtualQuery
RtlUnwind
LocalFree
GetSystemDirectoryA
FileTimeToSystemTime
GetSystemTimeAsFileTime
lstrcatA
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
VirtualFree
VirtualAlloc
WritePrivateProfileSectionA
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateSemaphoreA
LoadLibraryA
MoveFileExA
GetTimeZoneInformation
CreateEventA
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
lstrcpyA
WaitForSingleObject
CreateThread
ResumeThread
SetThreadPriority
Sleep
GetTickCount
InterlockedCompareExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
InterlockedExchangeAdd
InterlockedExchange
lstrcpynA
GetCurrentDirectoryA
WinExec
OpenEventW
WriteFile
CreateFileA
GetFileAttributesA
GetFullPathNameA
OpenEventA
GetLastError
SetCurrentDirectoryA
ExitProcess
CreateProcessA
CopyFileA
GetWindowsDirectoryA
GetModuleFileNameA
GetVersionExA
lstrlenA
GetComputerNameA
WaitForMultipleObjects
SystemTimeToFileTime
GetLocalTime
GetSystemTime
lstrcmpiA
GetTempFileNameA
GetTempPathA
DeleteFileA
SetEndOfFile
ReadFile
SetFilePointer
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
FindClose
FindNextFileA
lstrcmpA
FindFirstFileA
GetDriveTypeA
GetLogicalDriveStringsA
ReleaseSemaphore

user32

wvsprintfA
CharLowerBuffA
CharUpperA
CharLowerA

advapi32

CreateServiceA
OpenServiceA
OpenSCManagerA
CloseServiceHandle
RegQueryValueExA
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Sections

.flat
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f50fc34787f72890d95c79c5228f47d6

Headers

File Characteristics

Imports

ws2_32

wininet

dnsapi

kernel32

user32

advapi32

Sections

.flat Size: 13KB - Virtual size: 13KB

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 5KB - Virtual size: 4KB

.flat
Size: 13KB - Virtual size: 13KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 5KB - Virtual size: 4KB