fcf086688da460710ab5e23e858d08384a3ac06101efb4bcbd0c170298b0d99a

General

Target

fcf086688da460710ab5e23e858d08384a3ac06101efb4bcbd0c170298b0d99a
Size

30KB
MD5

e1d68bb7c946f690e02a1ee250da11bc
SHA1

7d816ee22810d5c69d0fda31a90c5f356532fdc9
SHA256

fcf086688da460710ab5e23e858d08384a3ac06101efb4bcbd0c170298b0d99a
SHA512

4b78658bf18802a2cd120275a38d8fdee2f2c1876c6b789497c22b9bcab809bd7612a1ce40008b995c315fc6d08fd67f5167a77022d270d4606d0fe69cf21fc9
SSDEEP

384:RYcF8YT27YeqbHsNeyvyqjW6ml2ICTfBSOrJ5939oE5Fd5h2mx4Zffyfwt0Is:RYcqGqYmTvI0HfB7ngE5Fd5RxYyfwtf

Score

N/A

Malware Config

Signatures

Files

fcf086688da460710ab5e23e858d08384a3ac06101efb4bcbd0c170298b0d99a
.exe windows x86

d8497f30d530a54fed2aa1f56b964a87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostname
connect
ioctlsocket
inet_addr
WSAStartup
gethostbyname
inet_ntoa
closesocket
recv
WSACleanup
select
send
htons
socket

shell32

ShellExecuteA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

kernel32

GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FlushFileBuffers
LCMapStringA
RtlUnwind
FindNextFileA
ExitProcess
Sleep
GetLastError
OutputDebugStringA
SetLastError
GetModuleHandleA
ReadProcessMemory
GetCurrentProcess
GetProcAddress
ReleaseMutex
ExpandEnvironmentStringsA
GetTempPathA
GetTickCount
ExitThread
GlobalFree
WinExec
lstrcatA
lstrlenA
GetModuleFileNameA
GlobalAlloc
CreateMutexA
CreateThread
CloseHandle
CreateProcessA
CopyFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFilePointer
WriteFile
GetFileSize
CreateFileA
FindClose
LCMapStringW
GetFullPathNameA
SetCurrentDirectoryA
FindFirstFileA
GetDriveTypeA
GetSystemDirectoryA
GetVersionExA
GetLocaleInfoA
SetFileAttributesA
LoadLibraryA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
VirtualAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree

user32

CharLowerA
wsprintfA

urlmon

URLDownloadToFileA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d8497f30d530a54fed2aa1f56b964a87

Headers

File Characteristics

Imports

ws2_32

shell32

advapi32

kernel32

user32

urlmon

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 12KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 12KB