251ef621383e1ceca3a84d3248e8d2a4acf08adb7c7cd91bb4bc7126c11237ad

Sharing

Copy URL Twitter E-mail

General

Target

251ef621383e1ceca3a84d3248e8d2a4acf08adb7c7cd91bb4bc7126c11237ad
Size

126KB
MD5

4d25fbd9c77839d8c30791012b0c856b
SHA1

a3ae85afa0908bcfc444b45a0f87329f4af70ede
SHA256

251ef621383e1ceca3a84d3248e8d2a4acf08adb7c7cd91bb4bc7126c11237ad
SHA512

daab13764e507fddea3a158943f60125316a50009896e4608e2f09f107845b0f38ba622901f7de63f4937ad1fffbb3f8a43dc32cf832dc8581685d82cbcc3748
SSDEEP

3072:3IhLwF+NXH28YU1NXncjtvrEKp0l46hMQgkJfee1wM88v:awFIt1pc5JpNMM9s/11x

Score

N/A

Malware Config

Signatures

Files

251ef621383e1ceca3a84d3248e8d2a4acf08adb7c7cd91bb4bc7126c11237ad
.exe windows x86

c5defe298628a9ec7da33097857c09fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetWindowsDirectoryA
GetSystemTime
OpenProcess
GetVersionExA
GetModuleHandleA
GetDateFormatA
SizeofResource
LockResource
CloseHandle
ReadFile
GetFileSize
SetFilePointer
CreateFileA
DeleteCriticalSection
WriteConsoleW
lstrlenA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
WriteFile
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
SetEnvironmentVariableA
HeapDestroy
GetCurrentProcess
TerminateProcess
GetLastError
GetTimeZoneInformation
GetLocalTime
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess

user32

EnumWindows
IsWindowEnabled
DispatchMessageA
DrawIcon
LoadImageA
CheckMenuRadioItem
ReleaseDC
DefWindowProcA
DrawTextA
GetWindowLongA
SetWindowsHookExA
SystemParametersInfoA
FrameRect
ClientToScreen
RegisterClassExA
GetWindowTextLengthA
GetClassInfoExA
CallNextHookEx
GetClassNameA

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

ws2_32

WSAWaitForMultipleEvents
WSASocketA
WSAGetOverlappedResult
WSACreateEvent
WSAConnect
getservbyport
setsockopt
getservbyname
getprotobynumber
socket

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 980KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5defe298628a9ec7da33097857c09fd

Headers

File Characteristics

Imports

kernel32

user32

ole32

ws2_32

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 56KB - Virtual size: 980KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 56KB - Virtual size: 980KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB