e9f26258541fb4ecc1761b01cd17cedd77639557b1285ae53ee46703408b5153

Sharing

Copy URL Twitter E-mail

General

Target

e9f26258541fb4ecc1761b01cd17cedd77639557b1285ae53ee46703408b5153
Size

116KB
MD5

7a6caf88913e01931d313953b6ed18c3
SHA1

3d1f2b3d69f4437137194c8490567df02db43f33
SHA256

e9f26258541fb4ecc1761b01cd17cedd77639557b1285ae53ee46703408b5153
SHA512

42d9e9543c0aa760126b7b982230528d15a541d26ce568b4f8a43d6786e2461dd69d6e4e10c9730fe1cba8dcfcef5d79032e65538b858d45ad7f408ccf7c38f2
SSDEEP

1536:DQq4v6uxwN1++80/pFcUFT5RtLLIDf6Zj2o6N/7qqyPK8om0XUs:Dev6ux660RWg7a6Zj2oI7mPVomQUs

Score

N/A

Malware Config

Signatures

Files

e9f26258541fb4ecc1761b01cd17cedd77639557b1285ae53ee46703408b5153
.exe windows x86

7a700f286ee3a090dc113fcd37828c2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
CloseHandle
WaitForSingleObject
CreateEventA
Sleep
GetModuleFileNameA
lstrlenA
DeleteFileA
GetTempPathA
SetEvent
GetLastError
CreateMutexA
OpenMutexA
CopyFileA
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
GetTickCount
CreateProcessA
WriteFile
CreateFileA
LCMapStringW
MultiByteToWideChar
ReadFile
SetFilePointer
LockResource
SizeofResource
LoadResource
FindResourceA
GetModuleHandleA
TerminateProcess
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapSize
HeapReAlloc
GetCurrentProcess
HeapAlloc
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetTempFileNameA
SetEnvironmentVariableA
FlushFileBuffers
CompareStringW
CompareStringA
HeapFree
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
SetStdHandle
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
GetTimeZoneInformation
GetSystemTime
GetLocalTime
InterlockedDecrement
InterlockedIncrement
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess

user32

GetMessageA
wsprintfA
CreateWindowExA
ShowWindow
UpdateWindow
DefWindowProcA
PostQuitMessage
LoadCursorA
RegisterClassExA
TranslateMessage
DispatchMessageA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

ws2_32

ntohl
htonl
accept
bind
listen
select
__WSAFDIsSet
gethostname
gethostbyname
inet_ntoa
WSAStartup
socket
inet_addr
htons
connect
send
ioctlsocket
recv
closesocket
WSAGetLastError
WSACleanup

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a700f286ee3a090dc113fcd37828c2e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 33KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 33KB

.rsrc
Size: 36KB - Virtual size: 32KB