a1112a1710f95a2b4db97bccffb3d59f8a5ed39283d09f770097e9927b5bedbe

Sharing

Copy URL Twitter E-mail

General

Target

a1112a1710f95a2b4db97bccffb3d59f8a5ed39283d09f770097e9927b5bedbe
Size

195KB
MD5

09a5ff7cff6bff6287841330f23375dc
SHA1

5eee4174a218838e6fd242772c54ff93222012d7
SHA256

a1112a1710f95a2b4db97bccffb3d59f8a5ed39283d09f770097e9927b5bedbe
SHA512

fae53120ed4c474af65b221224b2cd03b53bc65e19e5ae45498dec56ffb14597ae0215fbd33d59a3f238795aca194e1ca0530d92edabad8ae1db1e0d462201f5
SSDEEP

3072:eMW/Bw6p/56DwWgrc7ttIyU1tZtnwKVpTScLmbtjZQBYSdlLy8S8:eb/Bw6awWroyUzZfVpctqBjg8

Score

N/A

Malware Config

Signatures

Files

a1112a1710f95a2b4db97bccffb3d59f8a5ed39283d09f770097e9927b5bedbe
.exe windows x86

cefc32f8be44ac2f4f7663ef820d098f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetCommandLineW
GetVersion
WriteFile
SetFilePointer
CloseHandle
AllocConsole
InitializeCriticalSection
GetModuleFileNameW
GetEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeW
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess

user32

GetWindowTextA
SystemParametersInfoW
GetScrollRange
ShowScrollBar
GetDlgItemInt
SetDlgItemInt
LoadImageA
CreateCaret
SendMessageA
SendMessageTimeoutA
SetWindowTextA
EnumWindows
IsDialogMessageW
CallNextHookEx
GetClassNameW
DefWindowProcW
GetAsyncKeyState
GetWindowLongW
GetMessagePos
GetKeyNameTextA
DestroyWindow
GetWindowTextLengthA
RegisterClassExA
GetClassInfoExA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CheckRadioButton
EndDialog
SendDlgItemMessageW
OffsetRect
GetWindowTextLengthW

advapi32

RegOpenKeyExW
RegQueryValueExW
StartServiceCtrlDispatcherW
RegSetValueExW
RegEnumKeyW
RegisterServiceCtrlHandlerW
RegCloseKey

ws2_32

WSAWaitForMultipleEvents
send
WSACleanup
socket
WSAStartup
WSAEnumNetworkEvents
WSAAddressToStringA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cefc32f8be44ac2f4f7663ef820d098f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 42KB - Virtual size: 97KB

.rsrc Size: 98KB - Virtual size: 100KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 42KB - Virtual size: 97KB

.rsrc
Size: 98KB - Virtual size: 100KB