85e3b1fb3fbe83ff9bf04fc65583cb6e65d9a0e17f1b1c002c25a23dff2cb5d2

Sharing

Copy URL Twitter E-mail

General

Target

85e3b1fb3fbe83ff9bf04fc65583cb6e65d9a0e17f1b1c002c25a23dff2cb5d2
Size

244KB
MD5

155e5b6392afc227a124d558dde13500
SHA1

a0050e6a34af82a3bf29abd43926df7887acc731
SHA256

85e3b1fb3fbe83ff9bf04fc65583cb6e65d9a0e17f1b1c002c25a23dff2cb5d2
SHA512

a9f24c23b84c67d0d707c60257a8e7d0bd78b175be453bb86dfee964b3d387797614bef11de27153f55fb14eb10248465a7ee002394d2715cc59c383da78a174
SSDEEP

3072:OSxD7A0cqX58K+FRtWQpMNBL+xASY5RFtopFWCTV:OSxD80xX58KagQpMYASYRK/

Score

N/A

Malware Config

Signatures

Files

85e3b1fb3fbe83ff9bf04fc65583cb6e65d9a0e17f1b1c002c25a23dff2cb5d2
.exe windows x86

dd7fca036de009cb0b4ace83800a49d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
Sleep
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
LCMapStringW
LCMapStringA
SetStdHandle
ResumeThread
GetLastError
CreateThread
TlsSetValue
TlsGetValue
ExitThread
CloseHandle
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
GetCurrentThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
RtlUnwind
DeleteCriticalSection
FatalAppExitA
HeapAlloc
HeapReAlloc
HeapFree
VirtualFree
VirtualAlloc
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetConsoleCtrlHandler
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
ReadFile
GetLocaleInfoW

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

ws2_32

recv
select
send
socket
ioctlsocket
htons
inet_addr
connect
WSAGetLastError
closesocket
WSAStartup

Sections

.text
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dd7fca036de009cb0b4ace83800a49d6

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

Sections

.text Size: 196KB - Virtual size: 194KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 25KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 196KB - Virtual size: 194KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 25KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 8KB