b1922e7d64dcbc85940e7957349c07eb50680916945697febdcf14151715ab5d

Sharing

Copy URL Twitter E-mail

General

Target

b1922e7d64dcbc85940e7957349c07eb50680916945697febdcf14151715ab5d
Size

2.6MB
MD5

a1cd4c680a604a01604147dc9553cf9d
SHA1

4bec4ed64151b7a8d741e2b6f952bce403eeca45
SHA256

b1922e7d64dcbc85940e7957349c07eb50680916945697febdcf14151715ab5d
SHA512

d4ed20153b36e3e269412c210ac8c3b3ad7ddcda7d82517b8f79a2cb2a0738f984372d64b5bee433fc03ccd0de115e789bdd8d2dd234b02c509c24c5042f8ce6
SSDEEP

49152:MfNap3Z8V9RPsT3uVT/pNlt9+HKoY++x7qqUkzO8:MFa5QbvLlt9cKl++xDz

Score

N/A

Malware Config

Signatures

Files

b1922e7d64dcbc85940e7957349c07eb50680916945697febdcf14151715ab5d
.exe windows x86

8889424aac4142ea1d67164e8ae77704

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetTickCount
GetVolumeInformationW
GetSystemTime
QueryPerformanceCounter
GetLocalTime
MoveFileExW
CreateFileW
GetModuleHandleW
GetDateFormatW
LoadResource
SetSystemPowerState
FindNextFileW
GetCommandLineW
FindClose
FindFirstFileW
WriteConsoleA
DeleteFileW
GetStringTypeA
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
GetModuleFileNameA
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
CloseHandle
CreateProcessW
VirtualProtect
Sleep
SetHandleCount
GetCommandLineA
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameW
GetStringTypeW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapAlloc
ExitProcess
GetVersion
WideCharToMultiByte

user32

RegisterHotKey
GetClassNameW
EnumWindows
GetClassInfoExW
GetDC
GetWindowLongW
DrawTextW
DefWindowProcW
ReleaseDC
CheckMenuRadioItem
DispatchMessageW
DeferWindowPos
TranslateMessage
IsWindowEnabled
GetAsyncKeyState

gdi32

CreateSolidBrush
GetBkColor
CreatePatternBrush

ws2_32

getsockopt
recvfrom
send
ntohs
recv
getservbyport
socket
getservbyname
getprotobynumber
htons
setsockopt

version

GetFileVersionInfoW
GetFileVersionInfoSizeW

wininet

InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetGetLastResponseInfoW
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
HttpQueryInfoW
InternetQueryDataAvailable
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetWriteFile

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 480KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 821KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.icon
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8889424aac4142ea1d67164e8ae77704

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

version

wininet

Sections

.text Size: 140KB - Virtual size: 137KB

.rdata Size: 480KB - Virtual size: 477KB

.data Size: 36KB - Virtual size: 821KB

.tls Size: 4KB - Virtual size: 100B

.rsrc Size: 4KB - Virtual size: 2KB

.icon Size: 28KB - Virtual size: 26KB

.text
Size: 140KB - Virtual size: 137KB

.rdata
Size: 480KB - Virtual size: 477KB

.data
Size: 36KB - Virtual size: 821KB

.tls
Size: 4KB - Virtual size: 100B

.rsrc
Size: 4KB - Virtual size: 2KB

.icon
Size: 28KB - Virtual size: 26KB