c7b0057be4e68ca13a4892dde91db2e2d2c6c68097daf1780960e22c36785506

Sharing

Copy URL Twitter E-mail

General

Target

c7b0057be4e68ca13a4892dde91db2e2d2c6c68097daf1780960e22c36785506
Size

57KB
MD5

564a3d176c329ec0d133af43984aff17
SHA1

7eb4dd7e5ef242bb53585992b72b5770902597a0
SHA256

c7b0057be4e68ca13a4892dde91db2e2d2c6c68097daf1780960e22c36785506
SHA512

fb557113d6326292ff04f3be4732819a6802afd061dae74bca626aa2c43d6ca49ca81f8e9e03fb009eb5bcad4f098c240bb00b0937ff61a04c3e012fb8048cd9
SSDEEP

768:tB1R9bW7+g2kf+Y5Fx75AvOmN7/LFtMbmRZP1mHXcayml:ZR9c2kfxdivOmtLIM6Mayml

Score

N/A

Malware Config

Signatures

Files

c7b0057be4e68ca13a4892dde91db2e2d2c6c68097daf1780960e22c36785506
.exe windows x86

73544fee8e21f2116619c3414b7ee7c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
GetSystemDefaultLCID
GetACP
GetComputerNameA
GetCurrentThreadId
lstrlenW
GetLocalTime
FileTimeToSystemTime
CreateDirectoryA
GetTempPathA
FreeLibrary
LoadResource
FindResourceA
lstrlenA
MoveFileA
GetSystemInfo
IsBadCodePtr
GetOEMCP
RaiseException
GetSystemTime
TlsAlloc
SetUnhandledExceptionFilter
GetModuleHandleA
CreateMutexA
GetProcAddress

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

rpcrt4

UuidCreate

ws2_32

setsockopt
shutdown
closesocket
accept
WSAStartup
socket
htons
ioctlsocket
connect
getsockopt
inet_addr
gethostbyname
recv
select
WSAGetLastError
send

resutils

ResUtilVerifyService
ResUtilStartResourceService
ClusWorkerTerminate
ResUtilAddUnknownProperties
ResUtilSetSzValue
ResUtilDupString
ResUtilStopResourceService

qedit

DllCanUnloadNow
DllUnregisterServer
DllRegisterServer

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qWPeqe
Size: 5KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PaX
Size: 5KB - Virtual size: 594KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Bo
Size: 4KB - Virtual size: 677KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fFH
Size: 6KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bZJ
Size: 1024B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IsSxVX
Size: 3KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.z
Size: 6KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73544fee8e21f2116619c3414b7ee7c0

Headers

File Characteristics

Imports

kernel32

advapi32

rpcrt4

ws2_32

resutils

qedit

Sections

.text Size: 15KB - Virtual size: 14KB

.qWPeqe Size: 5KB - Virtual size: 804KB

.rdata Size: 1KB - Virtual size: 27KB

.PaX Size: 5KB - Virtual size: 594KB

.Bo Size: 4KB - Virtual size: 677KB

.fFH Size: 6KB - Virtual size: 24KB

.bZJ Size: 1024B - Virtual size: 11KB

.IsSxVX Size: 3KB - Virtual size: 184KB

.data Size: 6KB - Virtual size: 233KB

.z Size: 6KB - Virtual size: 35KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 14KB

.qWPeqe
Size: 5KB - Virtual size: 804KB

.rdata
Size: 1KB - Virtual size: 27KB

.PaX
Size: 5KB - Virtual size: 594KB

.Bo
Size: 4KB - Virtual size: 677KB

.fFH
Size: 6KB - Virtual size: 24KB

.bZJ
Size: 1024B - Virtual size: 11KB

.IsSxVX
Size: 3KB - Virtual size: 184KB

.data
Size: 6KB - Virtual size: 233KB

.z
Size: 6KB - Virtual size: 35KB

.rsrc
Size: 2KB - Virtual size: 1KB