d642946300512db5b70cbb089301d4030ffe0e4a1492c6ffc5f3e7c8ba99959f

Sharing

Copy URL Twitter E-mail

General

Target

d642946300512db5b70cbb089301d4030ffe0e4a1492c6ffc5f3e7c8ba99959f
Size

88KB
MD5

19d95c160b947be18989f118ea50d248
SHA1

77e6fdb8124431a38659d6e40f068eda408b9323
SHA256

d642946300512db5b70cbb089301d4030ffe0e4a1492c6ffc5f3e7c8ba99959f
SHA512

c8f92430ab408b1e8bb5ad0327e36aa7a0f99c89c9f044be363483ee5aa5501129f1a43914091c282669cb5d428d8785073764dbdc7a90c0626267e282dd3f1d
SSDEEP

1536:l/axCujjLXMkZkOGlhEVnfCjJ6IeTGmbsGHlXF2Nvld:oCKPZkOGUVnfCjQQhKV2Nvld

Score

N/A

Malware Config

Signatures

Files

d642946300512db5b70cbb089301d4030ffe0e4a1492c6ffc5f3e7c8ba99959f
.exe windows x86

f5524c6ae5ffe61af52a0adb8f9285f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
GetLocalTime
WaitForSingleObject
ExitProcess
GetTickCount
GetVersionExA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
WriteFile
CreateFileA
GetStartupInfoA
Sleep
CreateSemaphoreA
DeleteFileA
GetPrivateProfileStringA
CloseHandle
lstrlenA
CopyFileA
GetCurrentProcess
CreateDirectoryA
ResetEvent
SetEvent
OpenEventA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
ReleaseSemaphore
InitializeCriticalSection
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTempPathA
CreateThread
LCMapStringW
LCMapStringA
ReadFile
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
HeapFree
HeapAlloc
GetModuleHandleA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
SetUnhandledExceptionFilter
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TerminateProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte

user32

GetTopWindow

advapi32

RegCloseKey

ole32

CoCreateGuid

ws2_32

select
getpeername
bind
getsockname
ntohs
WSAStartup
WSACleanup
socket
sendto
htons
gethostname
gethostbyname
inet_ntoa
connect
setsockopt
closesocket
recv
send
recvfrom
inet_addr
__WSAFDIsSet
WSAGetLastError

psapi

GetModuleFileNameExA

netapi32

Netbios

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5524c6ae5ffe61af52a0adb8f9285f7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ws2_32

psapi

netapi32

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 1KB