a640d4dd4a9de33bebb8bebf4fa37101a02dac166f08b0b026a634565308db14

Sharing

Copy URL Twitter E-mail

General

Target

a640d4dd4a9de33bebb8bebf4fa37101a02dac166f08b0b026a634565308db14
Size

80KB
MD5

8b98c23b2dd4d79a43bab12b996fa645
SHA1

7e90eeb24d7415ce5715287cbffc821a87b330b7
SHA256

a640d4dd4a9de33bebb8bebf4fa37101a02dac166f08b0b026a634565308db14
SHA512

08bdc3751d311327c40183904577d1a72a29b61886d9d55500f7ca1bc78de19550ee4c3194a20dece180c8df023e93c3cebc6af1fc87213c1bea8a3ca7e0849a
SSDEEP

1536:j4xqUQI8C1goAxp6QDydBqCeSdzhHf7mF/k7NiYq:cACXAj6QDyDpemFf74Sdq

Score

N/A

Malware Config

Signatures

Files

a640d4dd4a9de33bebb8bebf4fa37101a02dac166f08b0b026a634565308db14
.exe windows x86

f0c0fd3c4852e75d9363d7514417e459

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
GetThreadLocale
GetStartupInfoA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
ExitProcess
CreateThread
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
WriteFile
WaitForSingleObject
TerminateProcess
Sleep
SetFileTime
SetFilePointer
SetFileAttributesA
ReleaseSemaphore
ReadFile
QueryPerformanceFrequency
QueryPerformanceCounter
OpenProcess
OpenFile
LoadLibraryA
GlobalUnlock
GlobalMemoryStatus
GlobalLock
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetVersion
GetSystemInfo
GetSystemDirectoryA
GetProfileIntA
GetProcAddress
GetModuleHandleA
GetLocalTime
GetLastError
GetFileSize
GetDriveTypeA
GetDiskFreeSpaceExA
GetComputerNameA
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
DeleteFileA
CreateSemaphoreA
CreateFileA
CreateDirectoryA
CopyFileA
CloseHandle

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
GetUserNameA
StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerA

gdi32

GetDeviceCaps
DeleteDC
CreateDCA

mpr

WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum

oleaut32

SysFreeString
SysReAllocStringLen

shell32

ShellExecuteA

user32

GetKeyboardType
MessageBoxA
CharNextA
keybd_event
ShowWindow
SetForegroundWindow
SetClipboardData
SendMessageA
PostMessageA
OpenClipboard
MessageBoxA
MapVirtualKeyA
GetWindowTextA
GetKeyboardLayoutList
GetForegroundWindow
GetCursorPos
GetClientRect
GetClassNameA
FindWindowExA
FindWindowA
EnableWindow
EmptyClipboard
CloseClipboard

wsock32

WSACleanup
WSAStartup
WSAGetLastError
gethostname
gethostbyname
socket
send
recv
inet_ntoa
inet_addr
htons
connect
closesocket

Sections

CODE
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rebld_r
Size: 248B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rebld_i
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f0c0fd3c4852e75d9363d7514417e459

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

mpr

oleaut32

shell32

user32

wsock32

Sections

CODE Size: 65KB - Virtual size: 64KB

DATA Size: 512B - Virtual size: 200B

BSS Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 3KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 30B

.reloc Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 512B

.rebld_r Size: 248B - Virtual size: 248B

.rebld_i Size: 3KB - Virtual size: 3KB

CODE
Size: 65KB - Virtual size: 64KB

DATA
Size: 512B - Virtual size: 200B

BSS
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 3KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 30B

.reloc
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 512B

.rebld_r
Size: 248B - Virtual size: 248B

.rebld_i
Size: 3KB - Virtual size: 3KB