930886f0ecf72ea3fdcd850f0bc6b69688766a1a7f90cce050b47314a316862b

Sharing

Copy URL Twitter E-mail

General

Target

930886f0ecf72ea3fdcd850f0bc6b69688766a1a7f90cce050b47314a316862b
Size

97KB
MD5

0a15b900f2ab9985a0608b323485c5f7
SHA1

cba35ab9e589aaabae78f40d42318ffdb12b268d
SHA256

930886f0ecf72ea3fdcd850f0bc6b69688766a1a7f90cce050b47314a316862b
SHA512

d97c9d57729e497a93be1b37677414cbee9ea335f87704fb28f5964be531c90255ab69581dba783629214ad1ea8fdf3b769e6d465becf03d503826aa19a5d491
SSDEEP

1536:S5eDwHCA1srPVdPaMKUuSDl95eM1nEy/Mnpnb9XiPUEfJyBar2M/Tu:FD/Aa+1Sp95eeEyKppQUEsa5/S

Score

N/A

Malware Config

Signatures

Files

930886f0ecf72ea3fdcd850f0bc6b69688766a1a7f90cce050b47314a316862b
.exe windows x86

aee67ba8393e41c2db324095eaba4c10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostbyname

kernel32

lstrcmpA
LoadResource
EndUpdateResourceW
UnlockFile
SleepEx
EnumTimeFormatsW
SizeofResource
FormatMessageW
GetFileAttributesA
GlobalFlags
SetConsoleMode
IsBadStringPtrA
FindResourceA
GetStdHandle
FindFirstFileA
GetLastError
GetProcAddress
GetFileType
GetExitCodeThread
LockResource
GetModuleFileNameA
GetModuleHandleA
VirtualProtect
CompareStringA
LocalSize
CreateFileA
VerifyVersionInfoW
SetHandleCount
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
Sleep
ExitProcess
WriteFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

advapi32

GetUserNameA
RegQueryValueExA
AdjustTokenPrivileges

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aee67ba8393e41c2db324095eaba4c10

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

kernel32

advapi32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 42KB - Virtual size: 41KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 42KB - Virtual size: 41KB