de5d64d810b2fae9c1d8a6c68c4ebe9ff2656ef87803a6f1a02a5ef7e8bf96dd

Sharing

Copy URL Twitter E-mail

General

Target

de5d64d810b2fae9c1d8a6c68c4ebe9ff2656ef87803a6f1a02a5ef7e8bf96dd
Size

52KB
MD5

dd84b33d9fea906cf9891ec2c6d485e1
SHA1

c4f5d0a7a5ffa1aa3f8cfaa41be7a792d3bf2467
SHA256

de5d64d810b2fae9c1d8a6c68c4ebe9ff2656ef87803a6f1a02a5ef7e8bf96dd
SHA512

7a65cc664bf18d807d1334a4fdda9a89bcfd0bf9a57b4848a811ed854839108d491a49ca83e4351ab49bb4486f03422b96cefd95baf824c5a3feeb1210df666f
SSDEEP

768:yBNFi9wNbql0IcFGxQFSwjwHlOXvTTjqWVyja+mNJmN0t5uRO/:n92bql0IcFKQM4CujqWVg3mNRt5Z

Score

N/A

Malware Config

Signatures

Files

de5d64d810b2fae9c1d8a6c68c4ebe9ff2656ef87803a6f1a02a5ef7e8bf96dd
.exe windows x86

d7fe8e8d37c15b6b9998c35c5a6d8b1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
connect
socket
htons
ioctlsocket
getsockname
inet_addr
gethostbyname
WSAStartup
closesocket
recv
select
send

advapi32

RegQueryValueExA
GetUserNameA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

kernel32

GetOEMCP
GetACP
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
LocalFree
RaiseException
SetUnhandledExceptionFilter
IsBadCodePtr
GetCPInfo
CreateThread
ExitProcess
Sleep
GetTickCount
ExitThread
GetLastError
CreateMutexA
SetErrorMode
LoadLibraryA
GetProcAddress
GetModuleHandleA
CopyFileA
SetFileAttributesA
GetFileAttributesA
lstrcmpiA
GetWindowsDirectoryA
GetModuleFileNameA
CloseHandle
CreateProcessA
ExpandEnvironmentStringsA
FindClose
FindNextFileA
lstrlenA
GetFullPathNameA
SetCurrentDirectoryA
FindFirstFileA
GetDriveTypeA
GlobalFree
GlobalAlloc
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFilePointer
WriteFile
GetFileSize
CreateFileA
ReadFile
GetSystemTime
GetSystemDefaultLangID
GlobalUnlock
GlobalLock
lstrcatA
GetLogicalDriveStringsA
GetLocaleInfoA
TerminateThread
WaitForSingleObject
GetTempPathA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
GetVersion
GetStringTypeA
RtlUnwind
GetFileType
GetStdHandle
GetCommandLineA
GetStartupInfoA
HeapAlloc
SetHandleCount

user32

SetForegroundWindow
SetFocus
BlockInput
keybd_event
VkKeyScanA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindow
SendMessageA
FindWindowExA
CharLowerA
wsprintfA
FindWindowA
ShowWindow

shlwapi

PathFileExistsA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysAllocString
VariantInit

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d7fe8e8d37c15b6b9998c35c5a6d8b1e

Headers

File Characteristics

Imports

ws2_32

advapi32

kernel32

user32

shlwapi

ole32

oleaut32

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 9KB - Virtual size: 19KB

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 9KB - Virtual size: 19KB