a4e6d0e7079991cfc557c9257c6ab977e4c66279022bac3a1a420f30e9d16508

Sharing

Copy URL

Twitter E-mail

General

Target

a4e6d0e7079991cfc557c9257c6ab977e4c66279022bac3a1a420f30e9d16508
Size

156KB
MD5

1f357aee65a5868c8f791fc4be3a1200
SHA1

18f38917201f0c4a3ed978901774e8a771e0218c
SHA256

a4e6d0e7079991cfc557c9257c6ab977e4c66279022bac3a1a420f30e9d16508
SHA512

c2d7c6df38dab85e53650cfbec67ee3bfb3723026e772f70b0b45f0079916bf7d6e1e17870e5e814228a364e71f89de9194749ac6853e399155fd4faf02660cd
SSDEEP

3072:LZFIz2DqqOM30eA4MNGxyGnr4IqjWDD0xWq+fqQM5l7Cb:LZFIzKlOMkeA4MoPr4sZqwJMz7Cb

Score

N/A

Malware Config

Signatures

Files

a4e6d0e7079991cfc557c9257c6ab977e4c66279022bac3a1a420f30e9d16508
.exe windows x86

af1daa0a4207dc98981770a5ce2263bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
Sleep
VirtualFree
EnterCriticalSection
InterlockedExchange
CancelIo
lstrcmpA
GetPrivateProfileStringA
GetVersionExA
lstrcatA
GetWindowsDirectoryA
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
DeleteFileA
GetLastError
CreateDirectoryA
lstrcpyA
lstrlenA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
FindClose
LocalFree
LocalReAlloc
LocalAlloc
CloseHandle
GetFileSize
ReadFile
SetFilePointer
MoveFileA
CreateProcessA
CreateThread
InitializeCriticalSection
lstrcmpiA
WriteFile
CreateFileA
GetSystemDirectoryA
HeapFree
HeapAlloc
GetProcessHeap
LocalSize
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetTickCount
WaitForMultipleObjects
TerminateProcess
OpenProcess
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentThreadId
GetSystemInfo
GetComputerNameA
SetErrorMode
GetModuleHandleA
GetStartupInfoA
RaiseException

msvcrt

memmove
ceil
_ftol
strlen
strstr
memcmp
strchr
strcmp
strcpy
malloc
free
_except_handler3
sprintf
atoi
strrchr
strncmp
strncpy
strcat
_errno
wcscpy
strncat
_CxxThrowException
calloc
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_strnicmp
_strrev
putchar
??2@YAPAXI@Z
memset
__CxxFrameHandler
puts
memcpy
_beginthreadex
??3@YAXPAX@Z
_strcmpi

ws2_32

accept
listen
sendto
recvfrom
__WSAFDIsSet
getpeername
inet_ntoa
send
closesocket
select
recv
bind
getsockname
connect
ntohs
socket
gethostbyname
htons
setsockopt
WSAIoctl
inet_addr

msvcp60

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

netapi32

NetUserAdd
NetLocalGroupAddMembers

userenv

CreateEnvironmentBlock

Sections

.data
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af1daa0a4207dc98981770a5ce2263bc

Headers

File Characteristics

Imports

kernel32

msvcrt

ws2_32

msvcp60

netapi32

userenv

Sections

.data Size: 148KB - Virtual size: 146KB

.rsrc Size: 4KB - Virtual size: 376B

.data
Size: 148KB - Virtual size: 146KB

.rsrc
Size: 4KB - Virtual size: 376B