ec3ecaa40b657df9d7a3e6ccf64546c3fa0c6d1a406fa690bf018098b4153a1b

Sharing

Copy URL

Twitter E-mail

General

Target

ec3ecaa40b657df9d7a3e6ccf64546c3fa0c6d1a406fa690bf018098b4153a1b
Size

256KB
MD5

5e3d38db66e0fe31b67f03e7e76d4b0b
SHA1

fb29179ab348f1d157b4d8b29c4c0c61ba8c639a
SHA256

ec3ecaa40b657df9d7a3e6ccf64546c3fa0c6d1a406fa690bf018098b4153a1b
SHA512

1e2447529e9e86f9e2ce57738d6fdd163dded0cf7de93d799b9f2155a25324445312f2e296090b229cdcf75231243eab9fec71e7c89dbf3d38b1a38080497ea9
SSDEEP

3072:6oNb8sCCr31FxVXnO+xHblnnMx2bDK5SrU82yaE1lZl:nNbvCCjx9O+Vbo2bDKs6GT

Score

N/A

Malware Config

Signatures

Files

ec3ecaa40b657df9d7a3e6ccf64546c3fa0c6d1a406fa690bf018098b4153a1b
.exe windows x86

a13184f16fd11edd24080f3292b829d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

select
recv
gethostbyname
__WSAFDIsSet
WSAStartup
htons
WSACleanup
gethostname
socket
connect
closesocket
send

wininet

InternetWriteFile
FtpOpenFileA
FtpCreateDirectoryA
InternetCloseHandle
InternetCheckConnectionA
InternetAutodial
InternetOpenA
InternetConnectA
FtpSetCurrentDirectoryA

kernel32

GetProcAddress
LoadLibraryA
lstrlenA
lstrcatA
lstrcmpA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
GetModuleFileNameA
CreateThread
CloseHandle
SetFilePointer
WriteFile
CreateFileA
GetLocalTime
CreateDirectoryA
CreateProcessA
GetTickCount
Sleep
OpenProcess
TerminateThread
OutputDebugStringA
GetSystemTime
GetExitCodeThread
GetVersion
GetSystemDirectoryA
ExpandEnvironmentStringsA
GetCommandLineA
GetStartupInfoA
WriteProfileStringA
GetCurrentDirectoryA
CopyFileA
lstrcpynA
GetLastError
CreateMutexA
FreeLibrary
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentThread
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
VirtualAlloc
GetCurrentProcess
TerminateProcess
VirtualFree
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
GetStdHandle
DebugBreak
ExitProcess
GetModuleHandleA
GetTimeZoneInformation
GetLocaleInfoW
lstrcpyA
SetConsoleCtrlHandler
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
ReadFile
SetEndOfFile
LCMapStringA
LCMapStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
CompareStringA
CompareStringW
SetEnvironmentVariableA
RtlUnwind
HeapValidate
IsBadReadPtr
IsBadWritePtr

user32

GetSystemMetrics
ToAscii
GetKeyState
GetKeyboardState
GetKeyNameTextA
CallNextHookEx
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
ReleaseDC
GetDC
PostQuitMessage
DefWindowProcA
CreateWindowExA
ShowWindow
UpdateWindow
LoadCursorA
RegisterClassExA
SetTimer
LoadStringA
wsprintfA
GetWindowThreadProcessId
GetWindowTextLengthA
MessageBoxA
UnhookWindowsHookEx
SetWindowsHookExA
GetAsyncKeyState
GetMessageA
TranslateMessage
DispatchMessageA
MapVirtualKeyA
GetForegroundWindow
GetCursorPos
GetWindowTextA
GetDesktopWindow

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
SetPixel
GetDIBits
DeleteDC
DeleteObject

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
RegSetValueExA
OpenSCManagerA
OpenServiceA
DeleteService
CloseServiceHandle
CreateServiceA
ChangeServiceConfig2A
StartServiceA
GetUserNameA
RegCloseKey
RegCreateKeyA
RegDeleteValueA
RegEnumValueA

ole32

CoFreeUnusedLibraries
CoInitialize
CoUninitialize

vic32

ord121
ord16
ord36
ord47
ord7
ord3
ord23

Exports

Exports

?LogSendBack@LOG@@YGHXZ
KeyHookMsg

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a13184f16fd11edd24080f3292b829d0

Headers

File Characteristics

Imports

ws2_32

wininet

kernel32

user32

gdi32

advapi32

ole32

vic32

Exports

Exports

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 12KB - Virtual size: 24KB

.idata Size: 8KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 12KB - Virtual size: 24KB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB