fd791914f0a0517f4229004b89bebd5557d2042494a4472abad96a2406b7d452

Sharing

Copy URL Twitter E-mail

General

Target

fd791914f0a0517f4229004b89bebd5557d2042494a4472abad96a2406b7d452
Size

648KB
MD5

3a54f58114db47ddc5bf05593610f12a
SHA1

d6b26c799ab63f5b962b1b99c651aa0887c1f1bb
SHA256

fd791914f0a0517f4229004b89bebd5557d2042494a4472abad96a2406b7d452
SHA512

a0449aa7ed7b52083a2b09a8c88680e49213480cd4170680fd8103189ca28315e0d98b96814baf117a751ca7d80d9ecacfb244f6b8908a0706aac57a2a23bf8d
SSDEEP

12288:MKWu15ZkMOO+vD8aCwTySIi+L4u1QyV9lVfVFEi6c5J8CvXZ:5WuFRuvDP5TV+L4uGy1L75J8CvX

Score

N/A

Malware Config

Signatures

Files

fd791914f0a0517f4229004b89bebd5557d2042494a4472abad96a2406b7d452
.exe windows x86

e4ed19a349bc782e59ed83e3bac9bd0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
lstrcpyA
InitializeCriticalSection
TerminateProcess
lstrlenA
CloseHandle
UnmapViewOfFile
MapViewOfFile
GetFileSize
CreateFileA
GetModuleHandleA
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcessId
FindClose
LoadLibraryA
DeleteFileA
FindFirstFileA
GetModuleFileNameA
CopyFileA
WriteFile
SetFilePointer
CreateProcessA
SetEnvironmentVariableA
CompareStringW
CompareStringA
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
lstrcatA
GetProcAddress
LeaveCriticalSection
OpenFileMappingA
FindNextFileA
CreateFileMappingA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLastError
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
ExitThread
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
RaiseException
GetCurrentThreadId
TlsAlloc
SetLastError
HeapAlloc
UnhandledExceptionFilter
HeapReAlloc
HeapSize
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType

user32

MessageBoxA
SetWindowTextA
SendMessageA
EndDialog
CheckDlgButton
IsDlgButtonChecked
GetDlgItemTextA
GetWindowThreadProcessId
FindWindowA
GetDlgItem
DialogBoxParamA

gdi32

CreateFontA

shell32

ShellExecuteExA
ShellExecuteA

ws2_32

send
select
closesocket
connect
htons
inet_addr
socket
inet_ntoa
gethostbyname
WSAStartup
recv
__WSAFDIsSet

shlwapi

PathFindFileNameA
PathRemoveFileSpecA
PathFindExtensionA

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hao0
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hao1
Size: 544KB - Virtual size: 542KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4ed19a349bc782e59ed83e3bac9bd0d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ws2_32

shlwapi

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 22KB

.hao0 Size: 4KB - Virtual size: 1KB

.hao1 Size: 544KB - Virtual size: 542KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 22KB

.hao0
Size: 4KB - Virtual size: 1KB

.hao1
Size: 544KB - Virtual size: 542KB

.rsrc
Size: 4KB - Virtual size: 1KB