de6ad7e3b992957825da212d30884fa3827880e884db38f858982df2fa43172c

Sharing

Copy URL Twitter E-mail

General

Target

de6ad7e3b992957825da212d30884fa3827880e884db38f858982df2fa43172c
Size

96KB
MD5

3364f1805593a21eedd57bba5e7fcb2e
SHA1

ac05f118b65345637f2e62ca34a4d9b8f4364e2b
SHA256

de6ad7e3b992957825da212d30884fa3827880e884db38f858982df2fa43172c
SHA512

33b030a9746e42de980e541da7c6269e5698961cd956452d7a1349514a7abaf3103765bfe5e66699986710bebf3644f2929050c56e457b41e0ef72ca2a1adf10
SSDEEP

1536:rRt/meoA8/+Jq8TxvDOCpD4/KpR+j1ZqMwHbq3XYdCC3yRafezElbf:rRAeoAFZxviwU/K+psB0qCYcafezElbf

Score

N/A

Malware Config

Signatures

Files

de6ad7e3b992957825da212d30884fa3827880e884db38f858982df2fa43172c
.exe windows x86

026fb23b1d66881049bcc5ed08e9fa76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lopen
LoadLibraryA
GetLastError
CreateMutexA
GetTickCount
GetModuleFileNameA
HeapFree
GetProcessHeap
CloseHandle
WideCharToMultiByte
ReadFile
HeapAlloc
GetFileSize
CreateFileA
MultiByteToWideChar
WriteFile
SetFilePointer
OutputDebugStringA
ExpandEnvironmentStringsA
CreateDirectoryA
GetCurrentThreadId
Sleep
GetLocalTime
_lcreat
FindClose
DeleteFileA
FindNextFileA
FindFirstFileA
SetLastError
Module32Next
Module32First
CreateToolhelp32Snapshot
Process32Next
Process32First
GetFileAttributesA
_lread
WaitForSingleObject
CreateProcessA
CopyFileA
GetModuleFileNameW
FlushFileBuffers
_llseek
SetEndOfFile
_lwrite
_lclose
GetProcAddress
GetWindowsDirectoryA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
InitializeCriticalSection
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetCPInfo
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
RtlUnwind
RaiseException
ExitThread
ResumeThread
CreateThread
GetStartupInfoA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
VirtualQuery
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
VirtualProtect
GetSystemInfo
LCMapStringA
LCMapStringW
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

wsprintfA
PostThreadMessageA
PeekMessageA
GetMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA

ole32

PropVariantClear
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

SysAllocString
SysStringLen
SysFreeString

ws2_32

WSAStartup
connect
send
select
WSASetLastError
gethostbyname
inet_addr
htons
socket
recv

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

026fb23b1d66881049bcc5ed08e9fa76

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

ws2_32

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 13KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 13KB