a5bff9e61bbb5122cef9262b7b1d1862a804f26fa5e646d6fecdd4713918046b

Sharing

Copy URL Twitter E-mail

General

Target

a5bff9e61bbb5122cef9262b7b1d1862a804f26fa5e646d6fecdd4713918046b
Size

60KB
MD5

117d5db28eae74bf38de7c40d6e49607
SHA1

7556956b25d85c315c8a2972e8abb3faaf1f0ffd
SHA256

a5bff9e61bbb5122cef9262b7b1d1862a804f26fa5e646d6fecdd4713918046b
SHA512

edffe67554534f4955fe52f458bc20a426c81ad76061fb3b5259a431aee9ccf7699493f1f583197a13aa05242d4157b1e452a6b7c4f7158305a399c32cb89767
SSDEEP

768:bTRPUgxmXPVTH+sCogyPMotwSHBcf+0H68L4qh+jo9i9DE:bugxyPZXCoXLtwSHBxk6SWoWDE

Score

N/A

Malware Config

Signatures

Files

a5bff9e61bbb5122cef9262b7b1d1862a804f26fa5e646d6fecdd4713918046b
.exe windows x86

0b77786e4c014108d7af2733b7fe0c4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrlenA
GetVersion
TerminateProcess
OpenProcess
CreateThread
GetSystemDefaultLangID
GetVersionExA
lstrcpyA
lstrcmpiA
Sleep
GetSystemDirectoryA
lstrcatA
CreateFileA
ReadFile
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
WriteFile
GetCurrentDirectoryA
SetStdHandle
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
IsBadCodePtr
IsBadReadPtr
SetFilePointer
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
FlushFileBuffers
ExitProcess
RtlUnwind
RaiseException
GetModuleHandleA
GetCommandLineA
HeapAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapFree
SetUnhandledExceptionFilter
GetCurrentProcess
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
InterlockedExchange
VirtualQuery
GetStringTypeA
MultiByteToWideChar

advapi32

RegisterServiceCtrlHandlerA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenServiceA
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
SetServiceStatus
StartServiceCtrlDispatcherA

shell32

ShellExecuteA

wininet

HttpAddRequestHeadersA
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetSetOptionA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA

ws2_32

WSAStartup
gethostname

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0b77786e4c014108d7af2733b7fe0c4d

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

wininet

ws2_32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 7KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 7KB