d3f350f0851bd2579802acdffa406f83009f970a546b80fad3a3fa69fcc1546e

Sharing

Copy URL Twitter E-mail

General

Target

d3f350f0851bd2579802acdffa406f83009f970a546b80fad3a3fa69fcc1546e
Size

19KB
MD5

0c54a919bc86861827d88543863ce99a
SHA1

42915bd31cf04838fe796bfd5730bea7e546c02c
SHA256

d3f350f0851bd2579802acdffa406f83009f970a546b80fad3a3fa69fcc1546e
SHA512

d412125d76ff2ef9bce860e475e1d3816ecc60829bd436e2f52fa9c82155805bec48b9ccecb5c169874cf9d749a28827af87c3018a1bcf99ae93c84d5167119b
SSDEEP

384:cTOzFvUSWLb+F/OI+j6hPLnTJQDpu4WChhoNed2Qa89:lzeSWSJ+mlJQDpuYDoNe84

Score

N/A

Malware Config

Signatures

Files

d3f350f0851bd2579802acdffa406f83009f970a546b80fad3a3fa69fcc1546e
.exe windows x86

8d2feaaddddbc11cd2a5445d79e4d01f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathFileExistsA

ws2_32

closesocket
ioctlsocket
socket

advapi32

AllocateAndInitializeSid
RegDeleteKeyA

kernel32

AddAtomA
CloseHandle
CopyFileA
CreateFileA
CreateMutexA
CreateThread
DeleteFileA
ExitProcess
ExitThread
FindAtomA
GetAtomNameA
GetDriveTypeA
GetFileAttributesA
GetLastError
GetLogicalDriveStringsA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetTempPathA
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
LoadLibraryA
MoveFileExA
OpenProcess
ReadProcessMemory
SetFileAttributesA
SetUnhandledExceptionFilter
Sleep
TerminateThread
VirtualAllocEx
VirtualFreeEx
WaitForSingleObject
WriteFile
WriteProcessMemory
lstrcatA
lstrlenA

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_onexit
_setmode
_snprintf
abort
atexit
atoi
fclose
fopen
free
fwrite
getenv
malloc
memcpy
memmove
memset
rand
signal
sprintf
srand
strcat
strchr
strcmp
strcpy
strncmp
strncpy
strrchr
strstr
strtok
time

user32

BringWindowToTop
CreateWindowExA
DispatchMessageA
EnumWindows
FindWindowA
FindWindowExA
GetMessageA
GetWindowTextA
GetWindowThreadProcessId
IsWindow
KillTimer
LoadCursorA
LoadIconA
RegisterClassExA
SendMessageA
SetFocus
SetForegroundWindow
SetTimer
ShowWindow
TranslateMessage
VkKeyScanA
keybd_event

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d2feaaddddbc11cd2a5445d79e4d01f

Headers

File Characteristics

Imports

shlwapi

ws2_32

advapi32

kernel32

msvcrt

user32

wininet

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 1KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 5KB

.idata Size: 3KB - Virtual size: 3KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 5KB

.idata
Size: 3KB - Virtual size: 3KB