bc1fcf464fd459682d94f1051a467fea485a820d031a19edf6f14aa595d021b8

Sharing

Copy URL Twitter E-mail

General

Target

bc1fcf464fd459682d94f1051a467fea485a820d031a19edf6f14aa595d021b8
Size

124KB
MD5

4f9b0b82e1b634e43a6998f7200e4fdc
SHA1

c351cef8b79664177c81447f2d4df12b51f4d9d8
SHA256

bc1fcf464fd459682d94f1051a467fea485a820d031a19edf6f14aa595d021b8
SHA512

4e923d7d4c8090cf635737db54149da73fda4bdd195cccc4b71c0512b632a6ae61e3fba8090e0e1c8668a3f6c66c74864ab8bec8371fa48200aa22f68b6f5b2c
SSDEEP

1536:oX1RgCBfH9UsNryxhhMWwlnqvJToEWis8DlPfsp87L8PlcFZB:olHUEOhCvlnqGQDlPDqlcB

Score

N/A

Malware Config

Signatures

Files

bc1fcf464fd459682d94f1051a467fea485a820d031a19edf6f14aa595d021b8
.exe windows x86

d851b71941c2d83d602ed3aaa4476cd4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
Process32First
CreateToolhelp32Snapshot
TerminateProcess
lstrcmpiA
GetVersionExA
GetTickCount
GetLastError
LocalFree
GetPriorityClass
DeviceIoControl
CreateFileA
GetVersion
CreateMutexA
GlobalFree
GetCommandLineW
CreateThread
SetEndOfFile
GetLocaleInfoA
Module32First
CloseHandle
Process32Next
CreateProcessA
MoveFileA
CopyFileA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
FormatMessageA
FindClose
HeapSize
IsBadCodePtr
IsBadReadPtr
LCMapStringW
LCMapStringA
InterlockedExchange
LoadLibraryA
GetStringTypeW
GetStringTypeA
SetFilePointer
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
CompareStringW
GetCPInfo
MultiByteToWideChar
CompareStringA
ReadFile
HeapAlloc
HeapFree
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
ExitProcess
SetEnvironmentVariableA
SetCurrentDirectoryA
DeleteFileA
CreateDirectoryA
HeapReAlloc
DuplicateHandle
GetCurrentProcess
RtlUnwind
RaiseException
GetProcAddress
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
WideCharToMultiByte
WriteFile
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
VirtualProtect
GetSystemInfo
VirtualQuery
GetFileAttributesA
SetHandleCount
GetStdHandle
GetFileType
CreatePipe
GetExitCodeProcess
WaitForSingleObject
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW

user32

wsprintfA

advapi32

RegQueryValueExA
RegCloseKey
DeleteService
ControlService
OpenServiceA
StartServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegOpenKeyExA

shell32

CommandLineToArgvW

ws2_32

htons
htonl
setsockopt
bind
socket
WSAStartup
select
__WSAFDIsSet
closesocket
accept
recv
send
listen

psapi

GetProcessMemoryInfo

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d851b71941c2d83d602ed3aaa4476cd4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

psapi

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 60KB - Virtual size: 62KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 60KB - Virtual size: 62KB