d06a396dc3b4cce3a989e896c10e5ab3a292a50cd3eaebc215e97be6b67e7eb8

General

Target

d06a396dc3b4cce3a989e896c10e5ab3a292a50cd3eaebc215e97be6b67e7eb8
Size

20KB
MD5

faf3e69209094823bf4aa9acafb1fd2e
SHA1

f6a49eeafd4f5cb3fa9a963379f17d4947af2f75
SHA256

d06a396dc3b4cce3a989e896c10e5ab3a292a50cd3eaebc215e97be6b67e7eb8
SHA512

3261140142ff68dd947fc8b7167c57d45c43f02180b3d3616a5ac1c5013aa107572001e5e69d7fff0921253727e4b359ce15fb63258bd103cc4d7010a827c804
SSDEEP

384:lbFBzsMJ8ZtMA++pq2xReY3mNAuKZFWRtvLx:dFprEM/+o2xReSm2bZgRt

Score

N/A

Malware Config

Signatures

Files

d06a396dc3b4cce3a989e896c10e5ab3a292a50cd3eaebc215e97be6b67e7eb8
.exe windows x86

1424f9182c3524b61614ee74e57e3b61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
InternetConnectA
HttpOpenRequestA
InternetErrorDlg
InternetReadFile

advapi32

RegQueryValueExA
RegCloseKey
GetUserNameA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA

user32

GetDesktopWindow
GetMessageA
PostThreadMessageA

msvcrt

strlen
fclose
fwrite
fopen
free
atoi
_sleep
_strnicmp
strcat
strncpy
memset
_snprintf
realloc
malloc
memcpy
_exit
_XcptFilter
_acmdln
_strdup
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
sprintf
strrchr
exit
_strupr
__getmainargs

iphlpapi

GetAdaptersInfo

ws2_32

inet_ntoa
gethostbyname
WSAStartup
WSACleanup
gethostname

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

kernel32

CreateFileA
CreateProcessA
GetVersionExA
GetModuleHandleA
GetStartupInfoA
OpenProcess
GetComputerNameA
DeleteFileA
DeviceIoControl
CloseHandle
GetCurrentThreadId
Sleep
GetLastError
CreateMutexA
GetModuleFileNameA
SetFileAttributesA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1424f9182c3524b61614ee74e57e3b61

Headers

File Characteristics

Imports

wininet

advapi32

user32

msvcrt

iphlpapi

ws2_32

psapi

kernel32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 5KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 5KB