aeb062e2cf1d1aa7217bc661aa6f3a8b01956d2af5b0b4bf753d9dca2242c6a4

General

Target

aeb062e2cf1d1aa7217bc661aa6f3a8b01956d2af5b0b4bf753d9dca2242c6a4
Size

132KB
MD5

6d8a53fe4c41773b7c0f539cb0bf7a20
SHA1

86e5f31c2e6550847f4d3e8ab978d465ae214404
SHA256

aeb062e2cf1d1aa7217bc661aa6f3a8b01956d2af5b0b4bf753d9dca2242c6a4
SHA512

a096a81f6a861ff9fd9f4ec281d910ba02c0d09eda6ab02e0619bb0ce342e156b6b8d632225cb089652e576143b893e9da3e55194d04887bd1df8fc86e625492
SSDEEP

3072:QZA5DBrffbrlGmxOrU+kYprwOtCxkeOv3v:QkrvTx8eYdMkt

Score

N/A

Malware Config

Signatures

Files

aeb062e2cf1d1aa7217bc661aa6f3a8b01956d2af5b0b4bf753d9dca2242c6a4
.exe windows x86

ad408997bb6b539114b342d4ec27f7d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

kernel32

TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
GetProcAddress
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
CreateEventA
CloseHandle
WaitForSingleObject
ResetEvent
lstrcpyA
WriteFile
SetFilePointer
Sleep
DeleteFileA
SetEvent
OutputDebugStringA
GetSystemDefaultUILanguage
InterlockedExchange
GetTickCount
CreateThread
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
InterlockedIncrement
RtlUnwind
RaiseException
GetLastError
GetCurrentThreadId
TlsSetValue
ExitThread
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TlsAlloc
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
InterlockedDecrement

user32

wsprintfA

netapi32

NetUserAdd
NetLocalGroupAddMembers

ws2_32

setsockopt
connect
WSACleanup
WSAStartup
htons
gethostbyname
socket
inet_addr
inet_ntoa
WSAIoctl

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ad408997bb6b539114b342d4ec27f7d5

Headers

File Characteristics

Imports

wininet

kernel32

user32

netapi32

ws2_32

Sections

.text Size: 91KB - Virtual size: 91KB

.bss Size: 10KB - Virtual size: 10KB

.data Size: 21KB - Virtual size: 21KB

.text
Size: 91KB - Virtual size: 91KB

.bss
Size: 10KB - Virtual size: 10KB

.data
Size: 21KB - Virtual size: 21KB