13dfa2f809b11d34f36647fea83f4f524097505ddf4a996e13774cd5a6e3c33b

Sharing

Copy URL

Twitter E-mail

General

Target

13dfa2f809b11d34f36647fea83f4f524097505ddf4a996e13774cd5a6e3c33b
Size

68KB
MD5

207fe65e5819945321f51634a19fbb9a
SHA1

bd614643ab720c56e4958ad9ec6d6a4bb2aa6832
SHA256

13dfa2f809b11d34f36647fea83f4f524097505ddf4a996e13774cd5a6e3c33b
SHA512

b95f8abfffc59e679718d42ff43eff0ec4162f8aaa34349cf7353a689bb4cae64ecdf0e238bd6f47e67c648c81c125c80bc264996c636b8e31c15e01aea4cef3
SSDEEP

768:cTxCglRoNQ9adUTVo0akVr/nGChEEIrSS0hA4xWJCaDVMlhxy:Axtla6SUUkV7GChEE5+DGlh8

Score

N/A

Malware Config

Signatures

Files

13dfa2f809b11d34f36647fea83f4f524097505ddf4a996e13774cd5a6e3c33b
.exe windows x86

0349de655f4d566f1ce8868756cf86b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
CreateFileA
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
SetFileAttributesA
GetFileAttributesA
FindFirstFileA
TerminateProcess
OpenProcess
GetVersionExA
CreateProcessA
GetTickCount
GetSystemDirectoryA
GlobalFree
GlobalAlloc
GetCurrentThreadId
GetCurrentProcessId
MapViewOfFile
CreateFileMappingA
GetTempPathA
OpenFileMappingA
GetModuleFileNameA
CopyFileA
WaitForSingleObject
SetPriorityClass
GetCurrentProcess
SetThreadPriority
GetCurrentThread
GetSystemInfo
SetFilePointer
WinExec
GetWindowsDirectoryA
GetLastError
CreateMutexA
ExitProcess
GetModuleHandleA
SetErrorMode
CompareStringW
CompareStringA
FlushFileBuffers
WriteFile
LoadLibraryA
GetProcAddress
FreeLibrary
CreateThread
SetStdHandle
GetStringTypeW
GetStringTypeA
RtlUnwind
SetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
CloseHandle
GlobalMemoryStatus
Sleep
HeapFree
VirtualFree
HeapCreate
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy

user32

GetDesktopWindow
wsprintfA

advapi32

RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteA

ws2_32

recv
__WSAFDIsSet
WSAIoctl
sendto
select
htons
socket
connect
send
inet_addr
gethostbyname
WSAStartup
setsockopt
closesocket

wininet

DeleteUrlCacheEntry
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA

iphlpapi

GetNetworkParams

dnsapi

DnsRecordListFree
DnsQuery_A

shlwapi

PathRemoveFileSpecA
PathFindFileNameA

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0349de655f4d566f1ce8868756cf86b5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

wininet

iphlpapi

dnsapi

shlwapi

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 20KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 20KB