37c2033ad7dad9dc85b79e75b251d412dc032303c9850e98112d837c3d65e49d

Sharing

Copy URL Twitter E-mail

General

Target

37c2033ad7dad9dc85b79e75b251d412dc032303c9850e98112d837c3d65e49d
Size

91KB
MD5

5bc164788e71bc14b792a12e56c61e6c
SHA1

9be808ca5ba24ab79198efc6083101d25f2efe8e
SHA256

37c2033ad7dad9dc85b79e75b251d412dc032303c9850e98112d837c3d65e49d
SHA512

50878b021395303884d7e0cdc3bc7c5fcd035c3c5d0bd6e56dd7adfe56a07faf43bac6ed6fd3fffec6a05855f3828fad4edcda478657a92e7b1160a574d5a777
SSDEEP

1536:E4B9h0gZN4i1P3/luhtrEinebqI/epHcbwYwkKXeYtFI:XBTZcD2bPVieYtFI

Score

N/A

Malware Config

Signatures

Files

37c2033ad7dad9dc85b79e75b251d412dc032303c9850e98112d837c3d65e49d
.exe windows x86

927bc30b33365c82ef2b72e6237f4bc6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
GetModuleFileNameA
CreateEventW
ExitProcess
ReadFile
GetCommandLineW
GetProcessHeap
HeapFree
lstrcatW
GetQueuedCompletionStatus
CreateIoCompletionPort
CloseHandle
PostQueuedCompletionStatus
Sleep
SetEvent
WaitForSingleObjectEx
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LCMapStringW
ExitThread
GetLastError
ResumeThread
CreateThread
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
RtlUnwind
GetProcAddress
GetModuleHandleA
GetVersionExA
HeapAlloc
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
RaiseException
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
WriteFile
LoadLibraryA
InitializeCriticalSection
HeapSize
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
CreateFileA
LCMapStringA

user32

GetActiveWindow
MessageBoxA

advapi32

StartServiceCtrlDispatcherW
DeleteService
OpenServiceW
QueryServiceStatusEx
StartServiceW
OpenSCManagerW
CreateServiceW
ChangeServiceConfig2W
SetServiceStatus
RegisterServiceCtrlHandlerExW
CloseServiceHandle

shell32

CommandLineToArgvW

ws2_32

socket
htons
connect
WSAStartup
closesocket
gethostbyname
inet_addr
WSACleanup
recv
inet_ntoa
gethostname
send

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

927bc30b33365c82ef2b72e6237f4bc6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

Sections

.text Size: 70KB - Virtual size: 70KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 176B

.text
Size: 70KB - Virtual size: 70KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 176B