96719a2fbbde64ada7245ee82d78fe28eb29a80e1a95c8e82aab5c4a67874260

Sharing

Copy URL Twitter E-mail

General

Target

96719a2fbbde64ada7245ee82d78fe28eb29a80e1a95c8e82aab5c4a67874260
Size

84KB
MD5

d85ea29592c6acc159152cc62b308652
SHA1

544e070622bf81661434c0e6b127937de0e0b36e
SHA256

96719a2fbbde64ada7245ee82d78fe28eb29a80e1a95c8e82aab5c4a67874260
SHA512

5c28de62b204d084cb5d0e374d27222c9d857acfb97824a935a4ae08567a1cbb6d95fd963f94811ea303b1c19974805269230779346ceb30055f88057ed9a973
SSDEEP

1536:2CUVhfM5AwpRmN5exYcddSSzyQ2jSWAb8q+YLgJEloqduMnj2:2LVhfM53pFYtQrWop/LgJEltnnK

Score

N/A

Malware Config

Signatures

Files

96719a2fbbde64ada7245ee82d78fe28eb29a80e1a95c8e82aab5c4a67874260
.exe windows x86

8777c13b21bf8433b4e5f5cdbb020edf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getsockname
gethostbyname
WSAStartup
setsockopt
bind
listen
accept
WSACleanup
inet_addr
shutdown
send
recv
inet_ntoa
socket
htons
ioctlsocket
connect
select
closesocket
ntohl
htonl

shell32

SHGetFolderPathA

advapi32

GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA

kernel32

FlushFileBuffers
SetStdHandle
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
LCMapStringA
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
CompareStringA
CompareStringW
FreeEnvironmentStringsW
GetWindowsDirectoryA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
CopyFileA
GetProcAddress
LoadLibraryA
MultiByteToWideChar
SetFileTime
CloseHandle
GetFileTime
CreateFileA
SetFileAttributesA
ExitThread
GetSystemDirectoryA
Sleep
LeaveCriticalSection
EnterCriticalSection
CreateThread
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetTickCount
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetCurrentProcess
FindClose
FindFirstFileA
DeleteFileA
TerminateProcess
OpenProcess
SetEnvironmentVariableA
ExitProcess
CreateProcessA
GetModuleFileNameA
WaitForSingleObject
CreateMutexA
SetErrorMode
GetTempPathA
GetLastError
CreateDirectoryA
GetVersionExA
TerminateThread
ExpandEnvironmentStringsA
GetFileAttributesA
GetModuleHandleA
WriteFile
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
HeapDestroy
GetEnvironmentVariableA
SetFilePointer
ReadFile
GetVersion
GetCommandLineA
GetStartupInfoA
GetLocalTime
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime

user32

CharLowerA
GetWindowThreadProcessId
FindWindowA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8777c13b21bf8433b4e5f5cdbb020edf

Headers

File Characteristics

Imports

ws2_32

shell32

advapi32

wininet

kernel32

user32

version

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 23KB - Virtual size: 35KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 23KB - Virtual size: 35KB