c40dd5d0f53f0aeaf4b49b1a25d24d2f9bd2a64b4c662712a48df3e591662888

General

Target

c40dd5d0f53f0aeaf4b49b1a25d24d2f9bd2a64b4c662712a48df3e591662888
Size

56KB
MD5

fe3518990e4073b497913ebe898a4856
SHA1

4eba5bb5379b49a37185ae6f4db8ecfa95becdac
SHA256

c40dd5d0f53f0aeaf4b49b1a25d24d2f9bd2a64b4c662712a48df3e591662888
SHA512

fb809b12eb04b2fbc786573f2abef5e8038cc44e5e5b24fc1856ff35ad5a75750c4050e20726cf4645216d6625ac769d470660a9975f988d36fc3a48058c5a21
SSDEEP

768:YqHl1D6LABDUoW7yw3w/u7LZCzHSN3EVAQ7zR8irhx/DgroGzYe887kYAcud:YqPWoWp3w27LZkK+zHV1DE0e88sDd

Score

N/A

Malware Config

Signatures

Files

c40dd5d0f53f0aeaf4b49b1a25d24d2f9bd2a64b4c662712a48df3e591662888
.exe windows x86

ee51f73a50f842c856310af38658e2d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
lstrcmpA
GetCurrentProcessId
HeapAlloc
GetProcessHeap
DeleteFileA
GetSystemDirectoryA
GetVersionExA
GetSystemInfo
GlobalMemoryStatus
CopyFileA
GetModuleFileNameA
WriteFile
GetFileAttributesA
GetStartupInfoA
GlobalAlloc
TerminateProcess
GetProcAddress
LoadLibraryA
TerminateThread
CreateThread
HeapSize
LCMapStringW
LCMapStringA
VirtualProtect
GetTickCount
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
GetModuleHandleA
VirtualProtectEx
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetCurrentProcess
CloseHandle
GetLocaleInfoA
SetStdHandle
GetCPInfo
GetOEMCP
FlushFileBuffers
GetACP
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
HeapReAlloc
VirtualAlloc
SetFilePointer
VirtualQuery
InterlockedExchange
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
QueryPerformanceCounter
GetCurrentThreadId
HeapFree
GetStdHandle
UnhandledExceptionFilter

user32

GetDesktopWindow
wsprintfA
MessageBoxA

advapi32

OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegCreateKeyA
RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

shell32

ShellExecuteA

ws2_32

recv
setsockopt
WSAConnect
send
WSAStartup
WSASocketA
gethostbyname
htons
inet_ntoa
WSACleanup
inet_addr
socket
sendto

iphlpapi

GetNetworkParams

urlmon

URLDownloadToFileA

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ee51f73a50f842c856310af38658e2d7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

iphlpapi

urlmon

Sections

.text Size: 40KB - Virtual size: 37KB

.data Size: 12KB - Virtual size: 14KB

.text
Size: 40KB - Virtual size: 37KB

.data
Size: 12KB - Virtual size: 14KB