e72517682718ee8f2259b60e5a78336207065836a570afbe291dc745e2ca3bea

Sharing

Copy URL Twitter E-mail

General

Target

e72517682718ee8f2259b60e5a78336207065836a570afbe291dc745e2ca3bea
Size

64KB
MD5

86b948c6d047c14d02dce990c15e001a
SHA1

f053607e9cab8cb89a00ed50621250e20bd7eca2
SHA256

e72517682718ee8f2259b60e5a78336207065836a570afbe291dc745e2ca3bea
SHA512

ccfa8112d8daa6ed42d636f8f7bd113b4a6b66c93d9c285fdaf63f262cc4eac972e0e87adbfe60805da4345edebfce12f82d82a1532ba514df085ecff07a27f0
SSDEEP

768:GN8Bd/MaYjF+gtm1YDzvu7YREO7tUZkCWbRpm3kA099/dmBEtkz:GN8BdkaQ5PRx5gkXBPNtkz

Score

N/A

Malware Config

Signatures

Files

e72517682718ee8f2259b60e5a78336207065836a570afbe291dc745e2ca3bea
.exe windows x86

492201342f4dc2b48260b91f65e35b74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

closesocket
shutdown
connect
setsockopt
inet_addr
htons
socket
WSACleanup
inet_ntoa
gethostbyname
gethostname
WSAStartup
recv
send

kernel32

GetProcAddress
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
CreateFileA
ReadFile
CloseHandle
WriteFile
CopyFileA
Sleep
DeleteFileA
GetLogicalDriveStringsA
CreateMutexA
GetLastError
MultiByteToWideChar
HeapSize
RtlUnwind
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSection
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
GetTimeZoneInformation
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetEnvironmentVariableA
GetModuleHandleA
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount

user32

SetTimer
GetMessageA
DefWindowProcA
DispatchMessageA
RegisterClassExA
TranslateMessage
CreateWindowExA
PostQuitMessage

shell32

ShellExecuteA

wininet

InternetConnectA
FtpOpenFileA
InternetReadFile
InternetCloseHandle
InternetWriteFile
FtpGetFileA
FtpPutFileA
InternetOpenA

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

492201342f4dc2b48260b91f65e35b74

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

shell32

wininet

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 19.1MB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 19.1MB

.rsrc
Size: 4KB - Virtual size: 176B