c81c26fe3fba7b9cae3a3b7599006e75e2c01e41fa8042886bc66bb70790d196

Sharing

Copy URL Twitter E-mail

General

Target

c81c26fe3fba7b9cae3a3b7599006e75e2c01e41fa8042886bc66bb70790d196
Size

572KB
MD5

8fed9e06b7f9f15e0386d6c87424d53f
SHA1

2dcf417b04b5c5db8f4b669fea202504a4a746b1
SHA256

c81c26fe3fba7b9cae3a3b7599006e75e2c01e41fa8042886bc66bb70790d196
SHA512

435da9575374d61c0cc9c052a17ca346c0bfcf8c861cdf13ae79bd9872f1a62dbe638d4ebd2a54206e83efb867794f647d401c55163294b25c25e91565f724a4
SSDEEP

12288:T3NO36b9cDn64Dr0CQdwxECrjG8iYsbMVfXz:T3NOq2Wwx9XG8JsbMJXz

Score

N/A

Malware Config

Signatures

Files

c81c26fe3fba7b9cae3a3b7599006e75e2c01e41fa8042886bc66bb70790d196
.exe windows x86

c6fc2770740117fb58666af4eb2fcf83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
FindResourceA
SizeofResource
LockResource
LoadResource
FindResourceExA
LeaveCriticalSection
EnterCriticalSection
CreateMutexA
GetTickCount
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GetFileType
GetStdHandle
InitializeCriticalSection
GetCurrentProcessId
GlobalMemoryStatus
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
SetEndOfFile
Sleep
GetCurrentThreadId
InterlockedDecrement
WaitForMultipleObjects
CloseHandle
GetModuleFileNameA
InterlockedIncrement
GetLastError
WideCharToMultiByte
CompareStringA
CompareStringW
MultiByteToWideChar
InterlockedExchange
GetVersion
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
GetModuleFileNameW
SetFilePointer
FlushFileBuffers
ReadFile
GetConsoleMode
GetConsoleCP
DeleteFileA
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
SetHandleCount
SetStdHandle
CreateFileA
GetACP
GetLocaleInfoA
GetThreadLocale
HeapDestroy
HeapSize
RaiseException
RtlUnwind
VirtualAlloc
GetModuleHandleA
VirtualQuery
ExitThread
CreateThread
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
MoveFileA
CreateDirectoryA
GetCommandLineA
GetStartupInfoA
DebugBreak
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
ExitProcess
VirtualFree
HeapCreate
WriteFile
GetCPInfo
GetOEMCP
IsValidCodePage

user32

UnregisterClassA
GetUserObjectInformationW
GetProcessWindowStation
GetDesktopWindow
MessageBoxA

advapi32

ReportEventA
DeregisterEventSource
RegOpenKeyExA
RegSetValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
ControlService
ChangeServiceConfigA
CloseServiceHandle
RegisterEventSourceA

ws2_32

htons
connect
shutdown
socket
WSAIoctl
gethostbyname
htonl
inet_ntoa
closesocket
select
recv
send
inet_addr
WSAStartup
WSACleanup
gethostname
__WSAFDIsSet
getsockopt
setsockopt
getsockname
ntohl
WSAGetLastError

Sections

.text
Size: 412KB - Virtual size: 409KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6fc2770740117fb58666af4eb2fcf83

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 412KB - Virtual size: 409KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 48KB - Virtual size: 54KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 412KB - Virtual size: 409KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 48KB - Virtual size: 54KB

.rsrc
Size: 4KB - Virtual size: 176B