61d3a1ec96e86fe3efd6f1d2505ad9558268c482323b0f7ae743a5a72ceed9e8

Sharing

Copy URL Twitter E-mail

General

Target

61d3a1ec96e86fe3efd6f1d2505ad9558268c482323b0f7ae743a5a72ceed9e8
Size

108KB
MD5

d8f742d6a81c42f44b9d7807bf0ab798
SHA1

1a42a49fce0040e65c9a4a89639eab9d1223ab2a
SHA256

61d3a1ec96e86fe3efd6f1d2505ad9558268c482323b0f7ae743a5a72ceed9e8
SHA512

f74285cca620f5ee8bb0ca0586ae70c18328da971af6429a3166961f5b037baaf35e7bf4e9d4940c8b40341155c6cb13bfc69a79f8376b3caa92ac3e096a3f30
SSDEEP

1536:RLuIvkojqYtXjzld67cqU4IUIy9fwZpKkD5cgdkf4wOojPnqDfqbB:Qq5tBdI7j58D57dW4wOobnqDfqbB

Score

N/A

Malware Config

Signatures

Files

61d3a1ec96e86fe3efd6f1d2505ad9558268c482323b0f7ae743a5a72ceed9e8
.exe windows x86

7bec17f9cdfb20133d0235ae7240e04d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalReAlloc
LocalAlloc
GetFileSize
ReadFile
SetFilePointer
MoveFileA
lstrcatA
CreateProcessA
InitializeCriticalSection
lstrcmpiA
MapViewOfFile
CreateFileMappingA
HeapFree
UnmapViewOfFile
LocalSize
GlobalFree
LocalFree
GlobalLock
GlobalAlloc
GlobalSize
GetStartupInfoA
WaitForMultipleObjects
TerminateProcess
OpenProcess
GetCurrentThreadId
GetSystemInfo
GetComputerNameA
GetVersionExA
OpenEventA
SetErrorMode
GetModuleHandleA
FindClose
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
lstrlenA
lstrcpyA
GetFileAttributesA
CreateDirectoryA
DeleteFileA
GetCurrentProcessId
GetLocalTime
GetTickCount
CancelIo
InterlockedExchange
ResetEvent
GetLastError
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
Sleep
CloseHandle
FreeLibrary
SetEvent
WaitForSingleObject
LoadLibraryA
GetProcAddress
GlobalUnlock

user32

TranslateMessage
GetMessageA
CharNextA
wsprintfA
GetWindowTextA
MessageBoxA
LoadCursorA
BlockInput
SendMessageA
keybd_event
MapVirtualKeyA
SetCapture
WindowFromPoint
SetCursorPos
mouse_event
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
GetSystemMetrics
SetRect
GetDC
GetDesktopWindow
ReleaseDC
GetCursorPos
DestroyCursor
GetCursorInfo
ExitWindowsEx
GetWindowThreadProcessId
CloseWindow
IsWindow
PostMessageA
OpenDesktopA
CloseDesktop
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
GetThreadDesktop
DispatchMessageA
IsWindowVisible

advapi32

RegQueryValueExA
RegOpenKeyExA
CloseEventLog
ClearEventLogA
OpenEventLogA
RegSetValueExA
RegCreateKeyExA
CloseServiceHandle
DeleteService
OpenSCManagerA
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

msvcrt

strncpy
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_strrev
_strnicmp
_strnset
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
calloc
_beginthreadex
_errno
strchr
strcat
strncmp
atoi
strrchr
strcmp
_except_handler3
malloc
free
??0exception@@QAE@ABQBD@Z
sprintf
strcpy
rand
memcmp
strstr
strlen
memset
??2@YAPAXI@Z
putchar
??3@YAXPAX@Z
memcpy
puts
__CxxFrameHandler
_CxxThrowException
memmove
ceil
_ftol

ws2_32

recv
select
closesocket
send
inet_addr
connect
sendto
WSASocketA
htonl
inet_ntoa
getsockname
bind
recvfrom
__WSAFDIsSet
gethostbyname
htons
setsockopt
WSAIoctl
WSACleanup
WSAStartup
socket

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bec17f9cdfb20133d0235ae7240e04d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

ws2_32

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 1KB