d80ae385d3c76d81a6b78b7554848bbff3c6ec419b2ca65ba669b0d204429e8f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d80ae385d3c76d81a6b78b7554848bbff3c6ec419b2ca65ba669b0d204429e8f
Size

16KB
MD5

89960c1ce60d74d8db38dd1b0561d63e
SHA1

397ad873e46ed14fdb4d56bd408a1ab087efd4fd
SHA256

d80ae385d3c76d81a6b78b7554848bbff3c6ec419b2ca65ba669b0d204429e8f
SHA512

fa3106aa51fe9d13f0718438ac8cfd8b963b9d2ed710dc7b25256d799c253943190d509ef486b795621910182386b9c90d06c6f11cbb923e6373cfed3f53a1bf
SSDEEP

384:zW4aZshFLxJ5D75C00fKR2XjlHnRrAytv:6ZshFLr535PRo5RrJv

Score

N/A

Malware Config

Signatures

Files

d80ae385d3c76d81a6b78b7554848bbff3c6ec419b2ca65ba669b0d204429e8f
.exe windows x86

f5174b5a484bc1a320287e839c07cdc4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
lstrlenA
Sleep
lstrcmpA
FindClose
UnmapViewOfFile
FindNextFileA
FindFirstFileA
lstrcatA
lstrcpyA
GetVersionExA
CreateThread
GetModuleFileNameA
SetPriorityClass
CreateFileA
CloseHandle
WriteFile
LockResource
LoadResource
FindResourceA
CopyFileA
GetSystemDirectoryA
GetSystemTime
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
HeapAlloc
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GetFileSize
CreateFileMappingA
MapViewOfFileEx
GetProcessHeap
CreateProcessA
GetCurrentProcess
GetVersion
ExitProcess
TerminateProcess

user32

wsprintfA

advapi32

RegCreateKeyA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegCloseKey
RegQueryValueExA

ws2_32

bind
connect
htons
inet_addr
gethostbyname
socket
accept
recv
listen
send
htonl
WSAGetLastError
__WSAFDIsSet
ioctlsocket
select
WSAStartup
closesocket
inet_ntoa

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ