af850d3adbfb176ca3e1faba782a0a1b5b86c474f61716aabce5884aa82e4d74

General

Target

af850d3adbfb176ca3e1faba782a0a1b5b86c474f61716aabce5884aa82e4d74
Size

252KB
MD5

478dee00144c99e297e747e2dd73d196
SHA1

da7d8908a3369c8765d3546693dabeb580761add
SHA256

af850d3adbfb176ca3e1faba782a0a1b5b86c474f61716aabce5884aa82e4d74
SHA512

58d4c0610d46b1a11374dd10c4ad3575e52a8c368353694dd485bf7d6d1308e11f2c7ba4f18ee60c9d8e978cbd977d34c61f8330464b50bc802cd73c841b2258
SSDEEP

1536:49SKVxv8Cw4jgIqM2DimU+N1sVSOxDSErB5U8:40KVZjDqMMi5g0dSErBy8

Score

N/A

Malware Config

Signatures

Files

af850d3adbfb176ca3e1faba782a0a1b5b86c474f61716aabce5884aa82e4d74
.exe windows x86

90fbcc52d8b82bd016da99b08adaaca8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
CreateProcessA
GetSystemDirectoryA
GetLastError
CreateMutexA
GetTempPathA
GetModuleHandleA
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocalTime
DeleteFileA
CloseHandle
WaitForSingleObject
CopyFileA
ExpandEnvironmentStringsA
WriteFile
CreateFileA
GetVersionExA
GlobalMemoryStatus
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetOEMCP
GetACP
GetCPInfo
ReadFile
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GetTickCount
CreateThread
TerminateThread
Sleep
GetStringTypeW
GetStringTypeA
SetFilePointer
FlushFileBuffers
SetStdHandle
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
SetEndOfFile
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetVersion
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
GetCurrentProcess
TerminateProcess
ExitProcess

user32

FindWindowA
SendMessageA

mpr

WNetAddConnection2A
WNetCancelConnection2A

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA

shell32

ShellExecuteA

ws2_32

accept
recv
send
WSASocketA
setsockopt
htonl
listen
WSAGetLastError
gethostbyname
WSAStartup
WSACleanup
inet_ntoa
socket
htons
ioctlsocket
connect
select
closesocket
bind
getsockname
gethostbyaddr
ntohl
WSAAsyncSelect
__WSAFDIsSet
sendto
inet_addr

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

Sections

pec1
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

90fbcc52d8b82bd016da99b08adaaca8

Headers

File Characteristics

Imports

kernel32

user32

mpr

advapi32

shell32

ws2_32

wininet

Sections

pec1 Size: 248KB - Virtual size: 248KB

pec1
Size: 248KB - Virtual size: 248KB