a2c8f547b5845085989d4fea63f28f16ef6eca05a3a0d8adb0bff26ea680cf78

General

Target

a2c8f547b5845085989d4fea63f28f16ef6eca05a3a0d8adb0bff26ea680cf78
Size

32KB
MD5

227b5c477188c4f540d9a37d354637a1
SHA1

33179af87b17b0e77560bea18c7f52132199ccc7
SHA256

a2c8f547b5845085989d4fea63f28f16ef6eca05a3a0d8adb0bff26ea680cf78
SHA512

cfd1d3f85a6b9bad1d76c067ac7d2944ae536d6ed28e894a30283525e7ccb28cc7a46b1e0d4ac5538a6c3a0d62f3dc8eb3238dc71df39f723ecd5291efc2cd45
SSDEEP

384:Nlm/xxosqqUMtR1AETgI7OhnPKZ9yOD/avZI0iPhgO8arhHdj5f1FTpP0uw6MGo3:OYs/ZAKdla2jcdi2RBlgk

Score

N/A

Malware Config

Signatures

Files

a2c8f547b5845085989d4fea63f28f16ef6eca05a3a0d8adb0bff26ea680cf78
.exe windows x86

8b2c99f709cf63797217832b09fdb1ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
CreateWindowExA
DispatchMessageA
GetMessageA
SetTimer
SetWindowLongA
wsprintfA

kernel32

lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
_lwrite
_lcreat
lstrlenA
CloseHandle
CopyFileA
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentVariableA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetProcAddress
GetStartupInfoA
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalMemoryStatus
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
ReadFile
SetFilePointer
Sleep
WideCharToMultiByte
WinExec
WriteFile
_lclose
lstrcpynA

wsock32

WSAStartup
accept
bind
closesocket
connect
gethostbyname
gethostname
listen
recv
send
shutdown
socket

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegCreateKeyA
IsValidSid
GetUserNameA
LookupAccountNameA
RegCloseKey

shell32

SHGetSpecialFolderPathA

ole32

StringFromCLSID
CoCreateGuid
CoTaskMemFree

rasapi32

RasGetEntryPropertiesA
RasGetEntryDialParamsA
RasEnumEntriesA

ws2_32

WSASocketA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8b2c99f709cf63797217832b09fdb1ca

Headers

File Characteristics

Imports

user32

kernel32

wsock32

advapi32

shell32

ole32

rasapi32

ws2_32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 152KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 152KB