aaa1e00f67303f3280a4c5c89d9d46ebefb788a2a026e6fa15350ab75438f693

Sharing

Copy URL Twitter E-mail

General

Target

aaa1e00f67303f3280a4c5c89d9d46ebefb788a2a026e6fa15350ab75438f693
Size

96KB
MD5

170b38d9f60532ba6fc0cd552f4e4b33
SHA1

64c2477f9c2ffad0677c59ba0aa7a3e52f874e1d
SHA256

aaa1e00f67303f3280a4c5c89d9d46ebefb788a2a026e6fa15350ab75438f693
SHA512

207a263e9abdbb158a98fe5ba718e15b36459c335c12eba1133a1a8eef251ffb50d24ec9427218fe7913c7c4c27154b256bb4874b88a0f5f22cbfc5f50a3af2a
SSDEEP

1536:8bd9ZdM2gVDrcwU7NQtgwvmOpgP/MYfpWSTkW8VCQlZaK:8ZPdALcS+L/0ST1TQlZj

Score

N/A

Malware Config

Signatures

Files

aaa1e00f67303f3280a4c5c89d9d46ebefb788a2a026e6fa15350ab75438f693
.exe windows x86

90811091df53abfad2759b4b966ae7ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
HeapReAlloc
HeapSize
Sleep
CloseHandle
ReadProcessMemory
OpenProcess
ExitProcess
GetProcAddress
LoadLibraryA
ExitThread
WriteFile
ReadFile
GetFileSize
CreateFileA
SetFileAttributesA
GetFileAttributesA
WaitForSingleObject
GetLastError
OpenMutexA
LockResource
LoadResource
FindResourceExA
DeleteFileA
CreateProcessA
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
GetSystemTime
GetComputerNameA
CreateThread
HeapFree
GetProcessHeap
CreateMutexA
HeapAlloc
GetLocaleInfoW
SetStdHandle
GetOEMCP
GetACP
InterlockedExchange
VirtualQuery
GetSystemInfo
VirtualProtect
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
SetFilePointer
FlushFileBuffers
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
GetStdHandle

user32

GetWindowThreadProcessId
FindWindowA

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
GetUserNameA

shell32

SHGetFolderPathA

ws2_32

closesocket
send
recv
connect
socket
shutdown
htons
WSACleanup
inet_addr
WSAStartup
WSAGetLastError
select

wininet

InternetGetConnectedState

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90811091df53abfad2759b4b966ae7ec

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

wininet

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 8KB - Virtual size: 4KB