fadc7d4c43dc9779f2dde200b20907c0bd8fe7e669a896b08a149a396ca4401a

Sharing

Copy URL Twitter E-mail

General

Target

fadc7d4c43dc9779f2dde200b20907c0bd8fe7e669a896b08a149a396ca4401a
Size

68KB
MD5

dadaa8f4a74e337db499f51d80046db7
SHA1

d86cc9ff6f03da2ff4dbc1448081ee8dc6a4a566
SHA256

fadc7d4c43dc9779f2dde200b20907c0bd8fe7e669a896b08a149a396ca4401a
SHA512

4d531e12c92b2ee249add9ff2bf26ae018c18afed04c8500068a77d6ad60ea38c4c4d10f18a4030e110c2e595a77baa1b1130eeef2bd3288f1ea72fa18f7b1fd
SSDEEP

768:7IDpIBNpzzZEDsVcWJf3fdiGr+r6O/OhqGLMDH2kp9TflIckyIh:7IDKdREDsVcmWWrrLMz2MN9IbyI

Score

N/A

Malware Config

Signatures

Files

fadc7d4c43dc9779f2dde200b20907c0bd8fe7e669a896b08a149a396ca4401a
.exe windows x86

eacc2d7e648827bf41e23d221c921ab1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetSystemDirectoryA
SetSystemTime
GetSystemTime
WinExec
GetFileSize
FreeLibrary
LoadLibraryA
lstrcpynA
HeapFree
ReadFile
HeapAlloc
GetProcessHeap
GetLastError
CreateFileW
MultiByteToWideChar
GetCurrentProcess
TerminateProcess
Module32First
OpenProcess
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
CreateDirectoryA
SetEvent
GetModuleFileNameA
WaitForSingleObject
ResetEvent
OpenEventA
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetFilePointer
GetVersionExA
VirtualFree
VirtualAlloc
CopyFileA
GlobalFree
LoadLibraryExA
GlobalAlloc
GetCurrentDirectoryW
lstrcpyW
GetStartupInfoA
ExitProcess
GetStdHandle
lstrlenA
GetTempPathA
lstrcatA
GetModuleHandleA
GetProcAddress
WriteFile
FlushFileBuffers
lstrcpyA
DeleteFileA
CreateFileA
DeviceIoControl
CloseHandle
GetTickCount
CreateThread
IsDebuggerPresent
CreateEventA
Sleep

ws2_32

WSCEnumProtocols
WSCWriteProviderOrder
WSCInstallProvider
bind
listen
select
__WSAFDIsSet
socket
inet_addr
htons
connect
WSAGetLastError
accept
recv
closesocket
send
WSAStartup
gethostname
gethostbyname
inet_ntoa

user32

FindWindowA
SendMessageA
ShowWindow
wsprintfA
wvsprintfA
IsCharAlphaNumericA

advapi32

CloseServiceHandle
ControlService
OpenServiceA
OpenSCManagerA
ChangeServiceConfigA
StartServiceA
DeleteService
ChangeServiceConfig2A
CreateServiceA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegSetValueExA
RegCreateKeyA
QueryServiceStatus

shell32

ShellExecuteA

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nbxz0
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eacc2d7e648827bf41e23d221c921ab1

Headers

File Characteristics

Imports

kernel32

ws2_32

user32

advapi32

shell32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 24KB - Virtual size: 51KB

.nbxz0 Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 528B

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 24KB - Virtual size: 51KB

.nbxz0
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 528B