e78c21f5adf02b8d9e31d9f1b9b9efa01602d6fad892ca3942742a8e016944bd

Sharing

Copy URL Twitter E-mail

General

Target

e78c21f5adf02b8d9e31d9f1b9b9efa01602d6fad892ca3942742a8e016944bd
Size

76KB
MD5

c9936131cb8d0a70400788dda8d11908
SHA1

46cc2b099571b4988eecb7175f370788a1b90d2b
SHA256

e78c21f5adf02b8d9e31d9f1b9b9efa01602d6fad892ca3942742a8e016944bd
SHA512

02706aab733f9f6f2812c32876fb3a0c83a299600212092320430663be06160de980d6ac818c1c489d8d0f260f34d8f44eb5939df0681ac4ae614642549b3410
SSDEEP

1536:i1kKuNPx6VEprrPR2o/LASyBCPMg8mb4S1bJL:ijuNPxu2vPR2o/sSyrg7pN

Score

N/A

Malware Config

Signatures

Files

e78c21f5adf02b8d9e31d9f1b9b9efa01602d6fad892ca3942742a8e016944bd
.exe windows x86

e934a63c280de0b0324cf0ef1e62d4a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
WinExec
GetTempPathA
GetTickCount
ExitProcess
CreateThread
Sleep
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
DeleteFileA
SetFileAttributesA
MoveFileA
GetFileAttributesA
CopyFileA
CreateDirectoryA
GetProcAddress
LoadLibraryA
GetLocalTime
lstrcmpA
CloseHandle
WriteFile
GetCurrentProcess
GetLastError
MultiByteToWideChar
lstrlenA
InterlockedDecrement
GetWindowsDirectoryA
GetLogicalDriveStringsA
FindClose
FindNextFileA
FindFirstFileA
ExpandEnvironmentStringsA
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetModuleHandleA
OpenProcess
Module32Next
Module32First
LocalFree
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateProcessA
CreateFileA
ResumeThread

user32

TranslateMessage
DispatchMessageA
SetTimer
GetMessageA
KillTimer

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

ole32

OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoUninitialize

oleaut32

SysAllocString
SysFreeString
VariantClear
GetErrorInfo

ws2_32

WSACleanup
gethostbyname
gethostname
WSAStartup

msvcrt

_controlfp
??1type_info@@UAE@XZ
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
sprintf
fopen
rand
srand
time
fclose
fputs
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
_strcmpi
strtok
_CxxThrowException

Sections

.xfire
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xfire
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xfire
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xfire
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e934a63c280de0b0324cf0ef1e62d4a2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

ws2_32

msvcrt

Sections

.xfire Size: 20KB - Virtual size: 20KB

.xfire Size: 4KB - Virtual size: 4KB

.xfire Size: 16KB - Virtual size: 16KB

.xfire Size: 28KB - Virtual size: 28KB

.avc Size: 4KB - Virtual size: 4KB

.xfire
Size: 20KB - Virtual size: 20KB

.xfire
Size: 4KB - Virtual size: 4KB

.xfire
Size: 16KB - Virtual size: 16KB

.xfire
Size: 28KB - Virtual size: 28KB

.avc
Size: 4KB - Virtual size: 4KB