909565ede6e0cefe50a5cb45bd9818ef1997298f2b0b589e0d46ceb3b323c7f6

Sharing

Copy URL Twitter E-mail

General

Target

909565ede6e0cefe50a5cb45bd9818ef1997298f2b0b589e0d46ceb3b323c7f6
Size

144KB
MD5

0ecc30f6dbd5cdb5aceffbc247044006
SHA1

5952e5ab91f84faf3308be87b331980b5d63abc2
SHA256

909565ede6e0cefe50a5cb45bd9818ef1997298f2b0b589e0d46ceb3b323c7f6
SHA512

bab155d1feccbb1ff87c6b354554606013aea4587651b35c503382a3624373d6f43bf5a6f91c61af81b5c8aa8a85300cbd89b2ac0a4ae4ac777f2a85470fddf6
SSDEEP

3072:8Af1OiurdMqR2Pa/HaG2fKv037NeVnilWIHrayTlBJx:YiuhjR2Pa/HaMvYlxLFTlx

Score

N/A

Malware Config

Signatures

Files

909565ede6e0cefe50a5cb45bd9818ef1997298f2b0b589e0d46ceb3b323c7f6
.exe windows x86

abc5aae18471893ee93db4de6cf42b50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetSystemTime
GetTimeFormatA
GetTimeZoneInformation
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
MoveFileExA
ReadFile
ReleaseMutex
SetFileAttributesA
Sleep
GetLastError
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrlenA
FindFirstFileA
GetFileSize
FindNextFileA
GetDateFormatA
FindClose
ExitThread
ExitProcess
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessA
CreateMutexA
CreateFileMappingA
CreateFileA
CopyFileA
SystemTimeToFileTime
CloseHandle

user32

wsprintfA

ws2_32

closesocket
connect
gethostbyaddr
gethostbyname
inet_addr
recv
select
WSAStartup
WSACleanup
send
socket

advapi32

CryptDestroyHash
CryptCreateHash
CryptAcquireContextA
CryptGetHashParam
CryptHashData
CryptReleaseContext
RegCloseKey
RegCreateKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA

wininet

FindNextUrlCacheEntryA
FindFirstUrlCacheEntryW
FindFirstUrlCacheEntryA
FindCloseUrlCache

ole32

CoTaskMemFree

dnsapi

DnsQuery_A
DnsRecordListFree

crypt32

CryptUnprotectData

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nnvficb
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

abc5aae18471893ee93db4de6cf42b50

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

wininet

ole32

dnsapi

crypt32

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 92KB - Virtual size: 93KB

nnvficb Size: - Virtual size: 4KB

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 92KB - Virtual size: 93KB

nnvficb
Size: - Virtual size: 4KB