c1942051929f4c8b645e39d63150ebe6db3f99ba494c9932d3080190d7d40c34

Sharing

Copy URL Twitter E-mail

General

Target

c1942051929f4c8b645e39d63150ebe6db3f99ba494c9932d3080190d7d40c34
Size

100KB
MD5

9617dd925e232328730d76d891de70f2
SHA1

673e7ed5e05c85a84aadcd00d7c52a5428c83b16
SHA256

c1942051929f4c8b645e39d63150ebe6db3f99ba494c9932d3080190d7d40c34
SHA512

8896a05071cb91c2653ebe7f661b8edd5c5d0d970165e654806587c5f55651230f0b0b767814fd31ed0704eb87db1754111a803b58b317d01ee0dd260a710fee
SSDEEP

1536:jZMWC1O1EWlA1ZqOD89NCI5rPDh+k/YGvk6PS54mAO7EMtWy3:jKs1ESA8988DLYGI54mAO7xtWy3

Score

N/A

Malware Config

Signatures

Files

c1942051929f4c8b645e39d63150ebe6db3f99ba494c9932d3080190d7d40c34
.exe windows x86

2ac1847d2f96c252e8ff50ea38ea4d25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

send
recv
WSAGetLastError
connect
select
__WSAFDIsSet
inet_addr
gethostbyname
htons
ioctlsocket
socket
closesocket
WSACleanup
WSAStartup

kernel32

SetStdHandle
ReadFile
GetConsoleMode
GetConsoleCP
SetFilePointer
lstrcmpiA
lstrlenA
lstrcpyA
Sleep
lstrcmpA
GetProcAddress
LoadLibraryA
CreateProcessA
GetStartupInfoA
CloseHandle
WriteFile
CreateFileA
WriteConsoleA
lstrcatA
GetWindowsDirectoryA
LockResource
LoadResource
SizeofResource
FindResourceA
ExitProcess
GetModuleFileNameA
DeleteFileA
VirtualFree
VirtualAlloc
GetTickCount
GetSystemTime
GetDiskFreeSpaceExA
GlobalMemoryStatus
lstrcpynA
GetVersionExA
GetLocaleInfoA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
SetFileAttributesA
GetCommandLineA
RtlUnwind
GetSystemTimeAsFileTime
GetLastError
HeapFree
HeapAlloc
RaiseException
GetProcessHeap
VirtualQuery
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
GetStdHandle
HeapSize
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
MultiByteToWideChar
InitializeCriticalSection
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

GetCursorPos
wsprintfA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ac1847d2f96c252e8ff50ea38ea4d25

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 176B