b2ae130dbbf5c6689b93aee9cfc15546d90056008201279081bdbb79142fcd0a

General

Target

b2ae130dbbf5c6689b93aee9cfc15546d90056008201279081bdbb79142fcd0a
Size

48KB
MD5

958744a44547cc26e6f52883bb4a630b
SHA1

82ddfff20e113fa4e9118309c73dee30429ff451
SHA256

b2ae130dbbf5c6689b93aee9cfc15546d90056008201279081bdbb79142fcd0a
SHA512

521a49c848adec4031e8dc11f46c8bc130101facc3387b54d93ec1587a7f1f153ef10cc00d84a0c52603ddb5922df1314ce6557fcf684f3fbd77ccbc31d01bfe
SSDEEP

768:Y3Ab6ngUg3xC++NiLK9itDh9ekyp5e0PAFo:YK6v5iL5NhEky4o

Score

N/A

Malware Config

Signatures

Files

b2ae130dbbf5c6689b93aee9cfc15546d90056008201279081bdbb79142fcd0a
.exe windows x86

1da837eeaefd8666ae83b12318c24e74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
GetWindowsDirectoryA
GetLastError
ReadProcessMemory
GetProcAddress
LoadLibraryA
CreateFileA
CopyFileA
GetSystemDirectoryA
CreateMutexA
GetModuleFileNameA
GetStringTypeA
LCMapStringW
WriteFile
lstrcatA
MultiByteToWideChar
DeleteFileA
CreateThread
CloseHandle
Sleep
GetCurrentProcess
OutputDebugStringA
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
ReadFile
SetStdHandle
FlushFileBuffers
SetFilePointer
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
GetStringTypeW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA

user32

wsprintfA

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
StartServiceA
CloseServiceHandle
StartServiceCtrlDispatcherA

ws2_32

gethostbyname
inet_ntoa
accept
WSAStartup
gethostname
listen
inet_addr
socket
htons
connect
recv
select
__WSAFDIsSet
closesocket
ioctlsocket
send
bind

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1da837eeaefd8666ae83b12318c24e74

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

wininet

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 16KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 16KB