b4ea5a1e5eb1c9a35fba626fe41315a2a108a846f81ab4ba84fa9a1bcec3945d

Sharing

Copy URL Twitter E-mail

General

Target

b4ea5a1e5eb1c9a35fba626fe41315a2a108a846f81ab4ba84fa9a1bcec3945d
Size

800KB
MD5

c23feb7970c396ed6071ecbaf55c9f21
SHA1

f103d0cecb98d0d1a335c6b94c0cdc041c2554ae
SHA256

b4ea5a1e5eb1c9a35fba626fe41315a2a108a846f81ab4ba84fa9a1bcec3945d
SHA512

a9d865f52b522ea74cb3f6d6e506280d00e8a2365e679a8331c83957ccdc1fd3f8527f45fa48c5abb3531e5726e303daffa2dc75a913d0be92dcecabe659b4aa
SSDEEP

24576:4Gx+kep23q1JDcAgwVBrbjVVr7QYbmT4dwuAR5:9GpkqbDcMV9bPzKkdwH5

Score

N/A

Malware Config

Signatures

Files

b4ea5a1e5eb1c9a35fba626fe41315a2a108a846f81ab4ba84fa9a1bcec3945d
.exe windows x86

b8cee3794245cfbd2fd3c48305c90847

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
SetFilePointer
SetUnhandledExceptionFilter
GetTickCount
TerminateThread
GetPrivateProfileStringW
WideCharToMultiByte
GetModuleHandleW
MoveFileW
CreateWaitableTimerW
WriteConsoleW
WaitForMultipleObjects
TlsAlloc
WaitForSingleObject
MoveFileExW
GetLocalTime
HeapAlloc
LCMapStringW
EnterCriticalSection
SetHandleCount
CreateThread
FindFirstFileW
GetProcAddress
CloseHandle
GetFileSizeEx
InterlockedDecrement
Sleep
MultiByteToWideChar
SetWaitableTimer
GetConsoleMode
IsValidCodePage
HeapFree
GetStartupInfoW
GetConsoleCP
ReleaseMutex
GetSystemTimeAsFileTime
GetCurrentThreadId
GetStringTypeW
HeapSize
SetFilePointerEx
CreateFileW
InterlockedIncrement
CreateEventW
ReadFile
CreateMutexW
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetModuleFileNameW
TerminateProcess
SetStdHandle
GetFullPathNameW
GetCPInfo
GetStdHandle
GetFileType
SetFileTime
LoadLibraryW
GetCurrentProcess
HeapCreate
FindNextFileW
ReadConsoleInputA
FlushFileBuffers
GetCommandLineW
FreeEnvironmentStringsW
GetLastError
WriteFile
VirtualAlloc
SetLastError
HeapSetInformation
GetEnvironmentStringsW
ExitProcess
UnhandledExceptionFilter
FindClose
SleepEx
SetCurrentDirectoryW
TlsSetValue
TlsGetValue
SetConsoleMode
LeaveCriticalSection
RtlUnwind
IsDebuggerPresent
TlsFree
CreateDirectoryW
GetACP
HeapReAlloc
DeleteFileW
SetEvent
GetOEMCP
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount

gdi32

ChoosePixelFormat

advapi32

DeleteService
CreateServiceW
OpenServiceW
ChangeServiceConfig2W
CloseServiceHandle
OpenSCManagerW
ControlService
RegisterServiceCtrlHandlerW
StartServiceW
StartServiceCtrlDispatcherW
SetServiceStatus

wininet

InternetSetOptionW
InternetReadFile
InternetOpenW
HttpSendRequestA
HttpOpenRequestA
InternetQueryDataAvailable
InternetConnectA
InternetCloseHandle
HttpQueryInfoA

netapi32

NetApiBufferFree

wtsapi32

WTSVirtualChannelClose

dnsapi

DnsReplaceRecordSetA

Exports

Exports

_nax

Sections

.text
Size: 556KB - Virtual size: 555KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.abc
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.234
Size: - Virtual size: 5.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.joke
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.poke
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8cee3794245cfbd2fd3c48305c90847

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

wininet

netapi32

wtsapi32

dnsapi

Exports

Exports

Sections

.text Size: 556KB - Virtual size: 555KB

.abc Size: 219KB - Virtual size: 219KB

.234 Size: - Virtual size: 5.3MB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 828B

.joke Size: 512B - Virtual size: 116B

.poke Size: 512B - Virtual size: 60B

.tls Size: 512B - Virtual size: 57B

.rsrc Size: 14KB - Virtual size: 14KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 556KB - Virtual size: 555KB

.abc
Size: 219KB - Virtual size: 219KB

.234
Size: - Virtual size: 5.3MB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 828B

.joke
Size: 512B - Virtual size: 116B

.poke
Size: 512B - Virtual size: 60B

.tls
Size: 512B - Virtual size: 57B

.rsrc
Size: 14KB - Virtual size: 14KB

.reloc
Size: 4KB - Virtual size: 3KB