a526ded21dfe6ec90b6a86b6adcad734f2cbac13a3296102498501af16f7cce1

Sharing

Copy URL Twitter E-mail

General

Target

a526ded21dfe6ec90b6a86b6adcad734f2cbac13a3296102498501af16f7cce1
Size

32KB
MD5

384c43c955ba0af325e928a3bf498101
SHA1

3bc8fe33b808815922a169d5fda184b6154a54d3
SHA256

a526ded21dfe6ec90b6a86b6adcad734f2cbac13a3296102498501af16f7cce1
SHA512

6d2146f730bd22e34ff3871aa3241fe87f30b09c4e1223196132110255ede130ffa47e84ad5ec16d74970bc8e8c5d0fedb31f50d7f3d49b29ba3308792552ecf
SSDEEP

768:QxwY+e0TRQO03XIIrbcbZG1151sW7GprB:QKY+e0TKbXIIrYtkaprB

Score

N/A

Malware Config

Signatures

Files

a526ded21dfe6ec90b6a86b6adcad734f2cbac13a3296102498501af16f7cce1
.exe windows x86

f00a4bd3fa86187b60a9d68791c08873

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
ResumeThread
GetShortPathNameA
lstrlenA
GetLastError
CopyFileA
GetSystemDirectoryA
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
GetTickCount
ExitThread
WaitForSingleObject
CloseHandle
CreateThread
GetModuleFileNameA
SetFileAttributesA
GetVersionExA
GlobalMemoryStatus
GetEnvironmentVariableA
Sleep

user32

wsprintfA

advapi32

StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
RegCloseKey
RegOpenKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
DeleteService
CreateServiceA

mfc42

ord800
ord2764
ord2846
ord537
ord6877
ord939
ord2818
ord4278
ord860
ord6663
ord858
ord535
ord540
ord924
ord926

msvcrt

printf
srand
time
atoi
strncmp
_except_handler3
__dllonexit
_onexit
rand
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
strstr
free
exit
_exit
__CxxFrameHandler
_itoa

msvcp60

??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1_Winit@std@@QAE@XZ

ws2_32

send
WSAGetLastError
recv
connect
htons
closesocket
WSAStartup
sendto
htonl
setsockopt
WSASocketA
inet_addr
socket
gethostbyname

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f00a4bd3fa86187b60a9d68791c08873

Headers

File Characteristics

Imports

kernel32

user32

advapi32

mfc42

msvcrt

msvcp60

ws2_32

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 4KB