b899ecd9219469f12c620905be4d7451a9cc856dbba616ce10ed4c17a2f5dee2

Sharing

Copy URL

Twitter E-mail

General

Target

b899ecd9219469f12c620905be4d7451a9cc856dbba616ce10ed4c17a2f5dee2
Size

234KB
MD5

f87047824f7599c3cb9074ccf7588c1d
SHA1

a984938bc368269e8034c429fec3dc7b2cac27b3
SHA256

b899ecd9219469f12c620905be4d7451a9cc856dbba616ce10ed4c17a2f5dee2
SHA512

815dceb34e76f2f650652388417b9ea6aba8bb760e069eecbb31c78516a72d18428012f41d7c9d682d587340ad09f7505197ec9de33dbe693af4de0b4566d12f
SSDEEP

3072:6w1ndiJ9CdOFDlRN9saNwyRS174jmoa7nqSPQqymrjhw7p5Xx0vDQYi8tS45O:6w1ndg9CdIRRasmoCnqSPPazxUkG

Score

N/A

Malware Config

Signatures

Files

b899ecd9219469f12c620905be4d7451a9cc856dbba616ce10ed4c17a2f5dee2
.exe windows x86

d84c6508005d8122a5fa88c6a4c11c18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
inet_ntoa
gethostbyname
WSACleanup
gethostname

kernel32

LoadLibraryA
GetSystemDirectoryA
CloseHandle
CreateFileA
GetFileSize
Sleep
VirtualFreeEx
CreateRemoteThread
GetCurrentProcess
GetLastError
OpenMutexA
CopyFileA
SetFileAttributesA
GetSystemTime
GetModuleHandleA
GetModuleFileNameA
ExitProcess
CreateMutexA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetModuleHandleW
OpenProcess
VirtualAllocEx
VirtualProtect
WriteProcessMemory
ReadFile
VirtualProtectEx
LoadLibraryExA
Module32Next
GetProcAddress
SizeofResource
LockResource
LoadResource
FindResourceA
FileTimeToSystemTime
SetFilePointer
GetFileInformationByHandle
MapViewOfFile
CreateFileMappingA
WriteFile
UnmapViewOfFile
SystemTimeToFileTime
GetLocalTime
GetTickCount
lstrlenA
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetVersionExA
GetStringTypeW
GetSystemInfo
InitializeCriticalSectionAndSpinCount
GetStringTypeA
Module32First
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
MultiByteToWideChar
DeleteFileA
HeapAlloc
GetCommandLineA
GetStartupInfoA
HeapFree
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId

user32

MessageBoxA
GetKeyState
GetWindowThreadProcessId
GetDesktopWindow
SetWindowsHookExA
SetTimer
GetMessageA
DispatchMessageA
GetKeyboardLayout
MapVirtualKeyExA
GetKeyboardState
ToUnicodeEx
CallNextHookEx
GetForegroundWindow

advapi32

RegSetValueExA
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoInitialize
CoCreateInstance

oleaut32

VariantClear
SysAllocString

shlwapi

StrStrIA

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d84c6508005d8122a5fa88c6a4c11c18

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Sections

.text Size: 134KB - Virtual size: 134KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 5KB - Virtual size: 14KB

.rsrc Size: 63KB - Virtual size: 62KB

.text
Size: 134KB - Virtual size: 134KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 5KB - Virtual size: 14KB

.rsrc
Size: 63KB - Virtual size: 62KB