908b9cf7345ba8539f7792f918e1bd96cbdbb0bd993907b832ecdabc67760b58

Sharing

Copy URL

Twitter E-mail

General

Target

908b9cf7345ba8539f7792f918e1bd96cbdbb0bd993907b832ecdabc67760b58
Size

324KB
MD5

b065360bd81dd70afb6134fce75c46ef
SHA1

7ff2da37899cbaa8311d87b04719a34b4561d217
SHA256

908b9cf7345ba8539f7792f918e1bd96cbdbb0bd993907b832ecdabc67760b58
SHA512

d3f41d606cfc6f852d9a3fc3462e56f06c02ef52218ab3509e93f07c98eb397943a49b6457ddb733d7848d0aaeed91c7b51cdfec7060d771eb572164e3274e67
SSDEEP

6144:9DzexsPX630mmeQB5h90os0SNqNyoag3EloXMe4q:9/ex6XTmmeYe7NoyoayXcq

Score

N/A

Malware Config

Signatures

Files

908b9cf7345ba8539f7792f918e1bd96cbdbb0bd993907b832ecdabc67760b58
.exe windows x86

2fea091428120acb64221214f293a851

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
LoadLibraryW
GetCurrentThreadId
ReleaseMutex
CreateMutexW
DeleteFileA
WaitForSingleObject
GetDiskFreeSpaceExW
TerminateProcess
CreateProcessA
CreateFileA
GlobalMemoryStatus
GetTimeFormatA
GetDateFormatA
GetSystemDirectoryA
QueryPerformanceCounter
QueryPerformanceFrequency
ExitThread
GetTempPathA
GetLocaleInfoA
GetComputerNameA
CreateThread
TerminateThread
lstrcmpiA
SetErrorMode
GetExitCodeProcess
GetTempPathW
CreatePipe
SearchPathA
SetFileTime
GetFileTime
GetWindowsDirectoryA
SystemTimeToFileTime
GetSystemTimeAsFileTime
SizeofResource
LockResource
LoadResource
FindResourceW
InitializeCriticalSection
CopyFileA
MoveFileA
LeaveCriticalSection
EnterCriticalSection
SetEvent
WideCharToMultiByte
ResetEvent
CreateEventW
SetEndOfFile
SetEnvironmentVariableA
SetCurrentDirectoryW
DeleteFileW
CopyFileW
GetVersionExW
LoadLibraryA
GetProcAddress
GetSystemDirectoryW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
VirtualFree
VirtualAlloc
DuplicateHandle
GetTickCount
CreateFileW
ReadFile
GetWindowsDirectoryW
OpenProcess
SetPriorityClass
GetCurrentProcess
CloseHandle
MultiByteToWideChar
ExitProcess
Sleep
SetLastError
lstrlenW
GetProcessHeap
HeapAlloc
GetLastError
HeapReAlloc
HeapFree
GetModuleHandleW
GetModuleFileNameA
GetStdHandle
GetCurrentProcessId
WriteFile
PeekNamedPipe
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
HeapSize
SetFilePointer
LCMapStringW
LCMapStringA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
HeapCreate
HeapDestroy
DeleteCriticalSection
GetFileType
SetHandleCount
GetStartupInfoA
GetVersionExA
GetCommandLineA
GetConsoleMode
GetConsoleCP
RaiseException
GetModuleHandleA
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

user32

wsprintfW
wsprintfA

advapi32

InitiateSystemShutdownW
GetSidSubAuthority
LookupAccountSidW
ControlService
QueryServiceStatus
StartServiceW
OpenServiceW
DeleteService
AllocateAndInitializeSid
FreeSid
OpenServiceA
RegCreateKeyExA
OpenSCManagerW
EnumServicesStatusW
GetUserNameA
GetUserNameW
LsaClose
StartServiceCtrlDispatcherW
LsaAddAccountRights
LsaRemoveAccountRights
RegOpenKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegisterServiceCtrlHandlerW
SetServiceStatus
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2W
CloseServiceHandle
LsaOpenPolicy
LookupAccountNameW

shell32

ShellExecuteA

mpr

WNetAddConnection2W
WNetCancelConnectionW

netapi32

NetUserGetInfo
NetServerDiskEnum
NetUserEnum
NetShareAdd
NetApiBufferFree

wininet

InternetOpenW
InternetCloseHandle
InternetReadFile
InternetOpenUrlA

ws2_32

WSACleanup
closesocket
recv
send
select
connect
ioctlsocket
socket
htons
inet_addr
__WSAFDIsSet
getsockname
sendto
htonl
setsockopt
WSASocketW
WSAStartup
gethostbyname
gethostbyaddr
inet_ntoa
shutdown

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 11.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fea091428120acb64221214f293a851

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

mpr

netapi32

wininet

ws2_32

Sections

.text Size: 160KB - Virtual size: 156KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 20KB - Virtual size: 11.5MB

.rsrc Size: 108KB - Virtual size: 104KB

.text
Size: 160KB - Virtual size: 156KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 20KB - Virtual size: 11.5MB

.rsrc
Size: 108KB - Virtual size: 104KB