982e12584f9f33c8cb14a458ca783ec56c0cb73768c1a4b6632589107be3f7ae

Sharing

Copy URL Twitter E-mail

General

Target

982e12584f9f33c8cb14a458ca783ec56c0cb73768c1a4b6632589107be3f7ae
Size

61KB
MD5

f33a4901969dad19fdbc82dc803cc697
SHA1

14ec7f36cb4e0bf9b29530142132f233fe906675
SHA256

982e12584f9f33c8cb14a458ca783ec56c0cb73768c1a4b6632589107be3f7ae
SHA512

cc2c300535a29d3d7a48a0e62ea740f2cf6561a0c85e904b7c816b3c13758c72acd9e9bd9c249197edd3392687721a0dd7ed1c7ab63a2c4fa633f75c764d47d3
SSDEEP

768:gBNnKC3KIt3HgvQZroqXPcdmWXmb+Nu+8avDOhHO8+9RwkQsXHCEDEnFFY0GULxv:gDndaIZAvoPQm7+n83u8LkPXsj0ULx6u

Score

N/A

Malware Config

Signatures

Files

982e12584f9f33c8cb14a458ca783ec56c0cb73768c1a4b6632589107be3f7ae
.exe windows x86

f2ab0aba9f1da5ef702125b015fa08b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
lstrcmpiA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
ExitProcess
CloseHandle
WriteFile
CreateFileA
GetTempPathA
ReleaseMutex
GetTickCount
ExitThread
GetVersionExA
SetFileAttributesA
GetLocaleInfoA
OutputDebugStringA
GetProcAddress
CreateProcessA
ExpandEnvironmentStringsA
CreateMutexA
SetErrorMode
CopyFileA
GetLastError
Sleep
CreateFileW
HeapReAlloc
GetStringTypeW
LCMapStringW
MultiByteToWideChar
WriteConsoleW
SetStdHandle
RtlUnwind
HeapSize
LoadLibraryW
HeapFree
IsValidCodePage
GetOEMCP
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
IsProcessorFeaturePresent
GetStdHandle
GetModuleFileNameW
HeapCreate
RaiseException
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetCurrentProcessId
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
FlushFileBuffers

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

ws2_32

ioctlsocket
inet_addr
gethostbyname
sendto
recv
select
send
htons
socket
connect
WSAStartup
WSACleanup
closesocket

shlwapi

PathRemoveFileSpecA

urlmon

URLDownloadToFileA

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2ab0aba9f1da5ef702125b015fa08b9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

shlwapi

urlmon

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 14KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 14KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 5KB - Virtual size: 5KB