c622cfe95b78e8e3238390f29085ce3242d7dfd55df5f6b216b4081e82895cf5

General

Target

c622cfe95b78e8e3238390f29085ce3242d7dfd55df5f6b216b4081e82895cf5
Size

28KB
MD5

7c400b054652d9cc8282b9e46b7b67dd
SHA1

1d97726acf20403a659d3266eacefc0c64e58cdd
SHA256

c622cfe95b78e8e3238390f29085ce3242d7dfd55df5f6b216b4081e82895cf5
SHA512

beae54635a9a3f898269e2a2705b5734748f0016ea354b5f20a3deab9949487c294997d229bc20bcc9cca2bd9cf2059299197fb403a59acdc4c8b0ca242260f6
SSDEEP

384:D66x6CE75nKHqW+5aXbmlVhAfyyDCerjWrh/ov:D6s6DxKHc5+fym5rjoh/o

Score

N/A

Malware Config

Signatures

Files

c622cfe95b78e8e3238390f29085ce3242d7dfd55df5f6b216b4081e82895cf5
.exe windows x86

b97d64c771116662cb55ed725ab37892

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

send
ioctlsocket
gethostbyaddr
connect
recv
WSAGetLastError
accept
WSACleanup
socket
WSAAsyncSelect
closesocket
htons
bind
listen
WSAStartup

kernel32

LoadLibraryA
LCMapStringA
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
MultiByteToWideChar
HeapReAlloc
GetCPInfo
HeapFree
GetCurrentProcessId
GetCommandLineA
GetProcAddress
GetModuleHandleA
lstrlenA
lstrcpyA
GetDriveTypeA
GetStringTypeW
RtlUnwind
LCMapStringW
lstrcatA
GetVersionExA
Sleep
GetTickCount
GetComputerNameA
FindClose
GetLastError
FindNextFileA
WriteFile
FindFirstFileA
GetTempFileNameA
GetTempPathA
DeleteFileA
ReadFile
HeapCreate
GetFileSize
CreateFileA
CreateProcessA
GetStringTypeA
CreateThread
CloseHandle
VirtualFree
lstrcmpiA
SetFilePointer
GetVersion
ExitProcess
GetFileType
GetStdHandle
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WideCharToMultiByte
UnhandledExceptionFilter
GetStartupInfoA
GetCurrentProcess
TerminateProcess
GetModuleFileNameA

user32

TranslateMessage
ShowWindow
DestroyWindow
DispatchMessageA
SendMessageA
CreateWindowExA
DefWindowProcA
wsprintfA
PostQuitMessage
RegisterClassA
FindWindowA
RegisterClassExA
GetMessageA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b97d64c771116662cb55ed725ab37892

Headers

File Characteristics

Imports

wsock32

kernel32

user32

advapi32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB