c373dfcda60c778ecf2b57199d4688956245f6db9b3bf9f7eaac51689f22c960

Sharing

Copy URL Twitter E-mail

General

Target

c373dfcda60c778ecf2b57199d4688956245f6db9b3bf9f7eaac51689f22c960
Size

76KB
MD5

61db3d735a85e050ac92ff648c247447
SHA1

2533128a36bce7cc4fe2022df73cd2d9cb58dbbd
SHA256

c373dfcda60c778ecf2b57199d4688956245f6db9b3bf9f7eaac51689f22c960
SHA512

53415ea828f822c4cd6b51777e6c87121499a16d7c84c17981657547d379b55d37c6718eb34e5324fd3b3d3393585fb775095249bc97fda66ce33bf9fbe3cf59
SSDEEP

1536:5boR+5DCVfOFqwrFXZwQuCS+Ir8JVXiH9uzjlT3h:5bTDZFqwh+wjQQjlT3h

Score

N/A

Malware Config

Signatures

Files

c373dfcda60c778ecf2b57199d4688956245f6db9b3bf9f7eaac51689f22c960
.exe windows x86

dbd3e25b8b9c41cb1e264e23b59eb209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CloseHandle
CreateEventA
CreateThread
GlobalAlloc
GlobalFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
MoveFileExA
GetModuleHandleA
Sleep
GetModuleFileNameA
WinExec
GetTickCount
GetLastError
FlushFileBuffers
ReadFile
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
SetStdHandle
LoadLibraryA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetSystemInfo
VirtualProtect
GetCPInfo
GetOEMCP
GetACP
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
RtlUnwind
RaiseException
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
HeapFree
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
HeapSize
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetFilePointer
InterlockedExchange
VirtualQuery
IsBadReadPtr
IsBadCodePtr

advapi32

RegisterServiceCtrlHandlerA
CreateServiceA
OpenSCManagerA
OpenServiceA
ChangeServiceConfig2A
CloseServiceHandle
SetServiceStatus
StartServiceCtrlDispatcherA

urlmon

URLDownloadToFileA

ws2_32

bind
listen
shutdown
WSAStartup
WSASocketA
setsockopt
WSAEventSelect
sendto
recvfrom
htons
inet_addr
connect
send
recv
gethostname
gethostbyname
inet_ntoa
ioctlsocket
select
__WSAFDIsSet
accept
socket
closesocket

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dbd3e25b8b9c41cb1e264e23b59eb209

Headers

File Characteristics

Imports

kernel32

advapi32

urlmon

ws2_32

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 10KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 10KB