f3d054d0edd4113fb1a449b6a1cdeef6cbd1728c3143ef138303fa4e4735344f

Sharing

Copy URL

Twitter E-mail

General

Target

f3d054d0edd4113fb1a449b6a1cdeef6cbd1728c3143ef138303fa4e4735344f
Size

745KB
MD5

8ae67a3f18bf71b79fd93b20c1ef5d99
SHA1

bbc5302c5ba31b3642229055326dc4c83911d022
SHA256

f3d054d0edd4113fb1a449b6a1cdeef6cbd1728c3143ef138303fa4e4735344f
SHA512

6cf7a53259fdfd7eb909191098af01cda1f1a3129750c124a7f01416012074ee89e15af9aa1abd4bad5dd95ad05e5f50a55b4876d1848e8f9992c05b362515d3
SSDEEP

12288:3rbEsWv6PSPELaD8eShrvdt7GDbp48I2V2qhiG:3cjv6PUIaD8vt7MbOL2Vth3

Score

N/A

Malware Config

Signatures

Files

f3d054d0edd4113fb1a449b6a1cdeef6cbd1728c3143ef138303fa4e4735344f
.exe windows x86

7d6004bc8bc9396e045b57f3745b43d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohl
WSASetServiceW
WSARecvFrom
WSAInstallServiceClassW
WSALookupServiceNextW
shutdown
WSAEnumNetworkEvents
WSAGetLastError
WSAStringToAddressA
inet_addr

oleaut32

LoadTypeLibEx
QueryPathOfRegTypeLi
SetErrorInfo

kernel32

GetCommConfig
GetUserDefaultLangID
MoveFileW
IsDBCSLeadByteEx
GetDateFormatA
GetProcessHeap
SetCurrentDirectoryA
GetCurrentDirectoryW
GetOverlappedResult
OpenSemaphoreW
ReadConsoleOutputA
GetConsoleCursorInfo
ReleaseMutex
SetSystemTime
FlushConsoleInputBuffer
ExitProcess
PeekNamedPipe
GetCompressedFileSizeW
GlobalFindAtomW
EnumResourceLanguagesW
DuplicateHandle
PeekConsoleInputW
SetTimeZoneInformation
WriteProcessMemory
FillConsoleOutputCharacterA
GetNumberFormatW
GetFullPathNameA
WriteFile
SetStdHandle
GetProfileStringA
FindFirstFileW
RemoveDirectoryA
GetFileInformationByHandle
SetEnvironmentVariableA
GetHandleInformation
SetConsoleActiveScreenBuffer
SetEndOfFile
IsValidLocale
WriteConsoleOutputW
SetConsoleTitleA
IsBadReadPtr
GetFileAttributesExA
LocalReAlloc
GetTickCount
lstrcmpiW
ReleaseSemaphore
VirtualFree
WritePrivateProfileStructA
CloseHandle
GetDiskFreeSpaceW
VirtualAlloc
MoveFileExA
TlsGetValue
SetNamedPipeHandleState
GlobalDeleteAtom
GetLongPathNameA
GetBinaryTypeW
VirtualAllocEx

user32

CreateCaret
GetWindowThreadProcessId
GetForegroundWindow
MapVirtualKeyExW
CreateDialogParamW
GetDlgItem
IsZoomed
InvalidateRect
DestroyWindow
PeekMessageW
SetWindowRgn
EndDialog
AdjustWindowRect
GetWindowTextLengthW

msvcrt

fwprintf
wcsncpy
fread
strncmp
wprintf
mktime
_beginthreadex
localeconv
_mbsnbcat
_chdir
_mbsinc
_lseek
_strdup
_ecvt
atol
_mkdir
strncpy
getenv
_wtoi64
_eof
signal
iswprint
strtok
_mbscat
_i64tow
_wpopen
_fsopen

Sections

.text
Size: 330KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 377KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d6004bc8bc9396e045b57f3745b43d2

Headers

File Characteristics

Imports

ws2_32

oleaut32

kernel32

user32

msvcrt

Sections

.text Size: 330KB - Virtual size: 330KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 377KB - Virtual size: 377KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 330KB - Virtual size: 330KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 377KB - Virtual size: 377KB

.rsrc
Size: 32KB - Virtual size: 31KB