d276ff24cd354888af45dc6d2925ba5759510f2a18de6bba9e394290e0cffa83

Sharing

Copy URL

Twitter E-mail

General

Target

d276ff24cd354888af45dc6d2925ba5759510f2a18de6bba9e394290e0cffa83
Size

74KB
MD5

4039ef70558ff83a1e527e2f3ea12876
SHA1

68fc8a8ad24d648bff771c49c573366116a88517
SHA256

d276ff24cd354888af45dc6d2925ba5759510f2a18de6bba9e394290e0cffa83
SHA512

b8f1bc8ab266f89e98c7d4712024c0db997bbd4f3c97165b99c32b8e47c422c8258d62c37e91d7c98f2baa0b86ec4a2998bf7d270366bded0c152b841a1a0fc4
SSDEEP

1536:UfySbXkdd4zCYgAXIEpBtilVn3udUX5U58b0fJJVIRt9/:aIm/ilVn3uY59MJJiRt9/

Score

N/A

Malware Config

Signatures

Files

d276ff24cd354888af45dc6d2925ba5759510f2a18de6bba9e394290e0cffa83
.exe windows x86

fd962ea3a8897d9e2936d6e7afd2369a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

shutdown
ioctlsocket
ntohl
htonl
gethostname
inet_ntoa
getsockname
gethostbyname
select
WSAStartup
inet_addr
connect
send
recv
closesocket
htons
socket
setsockopt
bind
listen
accept
WSACleanup

shell32

SHGetFolderPathA

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA

kernel32

LCMapStringA
FlushFileBuffers
SetStdHandle
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
LCMapStringW
UnhandledExceptionFilter
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
HeapReAlloc
VirtualAlloc
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
lstrcmpiA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
Sleep
Process32Next
OpenProcess
Process32First
CreateToolhelp32Snapshot
CloseHandle
GetProcAddress
GetModuleHandleA
ExitProcess
CreateProcessA
ExitThread
CreateThread
GetModuleFileNameA
TerminateProcess
CreateDirectoryA
CopyFileA
WriteFile
ReadFile
GetStartupInfoA
GlobalAlloc
SetFileAttributesA
WaitForSingleObject
CreateMutexA
SetErrorMode
SetEndOfFile
GetTickCount
GetTempPathA
GetLastError
GetVersionExA
TerminateThread
ExpandEnvironmentStringsA
GetFileAttributesA
CreateFileA
GlobalFree
WinExec
lstrcatA
lstrlenA
LoadLibraryA
MultiByteToWideChar
SetFileTime
GetFileTime
GetSystemDirectoryA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetDriveTypeA
GetLogicalDriveStringsA
GetVersion
GetCommandLineA
HeapFree
HeapAlloc

user32

wsprintfA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fd962ea3a8897d9e2936d6e7afd2369a

Headers

File Characteristics

Imports

ws2_32

shell32

advapi32

wininet

kernel32

user32

version

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 32KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 32KB