ad2090c354f039357c464a77c75ac1a6ffafb6e6014ce1035c99117070228fb2

Sharing

Copy URL Twitter E-mail

General

Target

ad2090c354f039357c464a77c75ac1a6ffafb6e6014ce1035c99117070228fb2
Size

70KB
MD5

41425619e902fd79663789d80a63329e
SHA1

ab0e28b58dcc9f3a8f19f924de8bb977a73a5027
SHA256

ad2090c354f039357c464a77c75ac1a6ffafb6e6014ce1035c99117070228fb2
SHA512

dcc8bb61a7ec6692de1b4718927e1f6dea9aa74bb56eba6efeb9669d5e98082295585618b210c5491580733d5530d8935ef61aacce12e77a3fd04a78e369be9f
SSDEEP

768:7imJYA9mSpNrfZIwdwHAIGprsglHRGRf56bkTRxnM5e2LsL75VX/towzpN1xHpeX:BJYAsc4wqEprsn6b+HMYV1oIJu

Score

N/A

Malware Config

Signatures

Files

ad2090c354f039357c464a77c75ac1a6ffafb6e6014ce1035c99117070228fb2
.exe windows x86

0827a2665d36425d14978b5f97a1f0ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetLastError
CreateMutexA
DeleteFileA
CloseHandle
WriteFile
CreateFileA
lstrcpyA
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenA
GetTimeFormatA
GetDateFormatA
GetFileSize
GetFileAttributesA
ReadFile
SetFilePointer
GetModuleFileNameA
TerminateThread
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
SetEndOfFile
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
GetVersionExA
SetFileAttributesA
CreateThread
GetTickCount
CreateDirectoryA
Sleep
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
RtlUnwind

user32

GetForegroundWindow
keybd_event
SendMessageA
GetClassNameA
EnumChildWindows
EnumWindows
GetWindowTextA
FindWindowA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
PostQuitMessage
SetForegroundWindow
CharUpperBuffA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyExA
RegDeleteValueA

shell32

ShellExecuteA

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA

ws2_32

WSACleanup
closesocket
send
connect
htons
gethostbyname
socket
WSAStartup
inet_addr
ioctlsocket
listen
bind
recv
accept
__WSAFDIsSet
select
WSAGetLastError
gethostname
getsockname

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0827a2665d36425d14978b5f97a1f0ef

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

ws2_32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 64KB

.aspack Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 64KB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB