f9eff1dab8153032714abd34c2260a5f5af276cef39e9194ad8e0af3564cf397

General

Target

f9eff1dab8153032714abd34c2260a5f5af276cef39e9194ad8e0af3564cf397
Size

173KB
MD5

2cdaea84f5e72598eeb1f7a53130a4ce
SHA1

84ab96c434d9a4a94f6dc556e93a8e9da6fb7dbe
SHA256

f9eff1dab8153032714abd34c2260a5f5af276cef39e9194ad8e0af3564cf397
SHA512

a4355e42695f71a53ff282ce0c23d0ae63a260a7707f57c900bc5abcbac281ce58d22bf7d09beceb02e4c066523b5f184d56ebcf7c823131a444d1021fd96791
SSDEEP

3072:c2/jsAFJh8O0F7nlH1kGfJUMg5RxzxzHTEvAEvfAkLAd6eU58JN/dRyED5QegIx://0dnlH1kGfKMgjzzzEFvfAkLAd6epJh

Score

N/A

Malware Config

Signatures

Files

f9eff1dab8153032714abd34c2260a5f5af276cef39e9194ad8e0af3564cf397
.exe windows x86

3fae4a35832e1b46a1fa5d7e16de25b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

BindMoniker
CLIPFORMAT_UserFree
PropVariantChangeType

ws2help

WahCloseApcHelper
WahCreateSocketHandle
WahCreateNotificationHandle
WahCloseNotificationHandleHelper
WahCompleteRequest
WahCloseHandleHelper
WahOpenNotificationHandleHelper
WahCreateHandleContextTable
WahOpenHandleHelper
WahCloseThread
WahCloseSocketHandle

wsock32

GetServiceA
GetTypeByNameA
sethostname
WSARecvEx
NPLoadNameSpaces
TransmitFile
EnumProtocolsA
GetAddressByNameA
SetServiceA
GetNameByTypeA

advapi32

RegCloseKey
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW
RegQueryValueExA

kernel32

GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetTickCount
GetCurrentThreadId
VirtualAlloc
GetStartupInfoA
GetCurrentProcessId

Sections

.textbss
Size: - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fae4a35832e1b46a1fa5d7e16de25b8

Headers

File Characteristics

Imports

ole32

ws2help

wsock32

advapi32

kernel32

Sections

.textbss Size: - Virtual size: 300KB

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 81KB - Virtual size: 81KB

.rsrc Size: 5KB - Virtual size: 5KB

.textbss
Size: - Virtual size: 300KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 81KB - Virtual size: 81KB

.rsrc
Size: 5KB - Virtual size: 5KB