84420034c21f5a71d96d358e68ec5435c2456b87f40a10bc73a61fbf3f8befdd

General

Target

84420034c21f5a71d96d358e68ec5435c2456b87f40a10bc73a61fbf3f8befdd
Size

68KB
MD5

53a6d600ae568eac1a59b0e7d67f5480
SHA1

241eb59a65381247c78c32616fad80be3bc9fac3
SHA256

84420034c21f5a71d96d358e68ec5435c2456b87f40a10bc73a61fbf3f8befdd
SHA512

aa73c6ddc044859c3df3687d6bc8cde61f821fcc96853ac8bec12781eb83df0e86bac35045ea17e260c017124bc445f9d5a57076dd506b8fa69f8e6615c92a25
SSDEEP

1536:edknc6QhOX6DQhmToDpgUWCzdBG7/6H8lQuLLVYg52zsrtke:eZTovf18Yggzsrt9

Score

N/A

Malware Config

Signatures

Files

84420034c21f5a71d96d358e68ec5435c2456b87f40a10bc73a61fbf3f8befdd
.exe windows x86

bc765694836f4bb181e8f316eefac19e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetModuleFileNameA
lstrcpyA
lstrcatA
GetSystemDirectoryA
GetProcAddress
VirtualProtectEx
VirtualAllocEx
CreateRemoteThread
GetLastError
CreateMutexA
GetCurrentProcess
OpenProcess
GetLocaleInfoA
GetACP
GetVersionExA
FreeLibrary
Sleep
LoadLibraryA
CloseHandle
SetEndOfFile
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CreateFileA
FlushFileBuffers
SetStdHandle
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
HeapFree
HeapAlloc
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
ReadFile
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
GetCPInfo
GetOEMCP
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

ws2_32

inet_ntoa
WSAStartup
gethostname
WSACleanup
gethostbyname

netapi32

Netbios

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc765694836f4bb181e8f316eefac19e

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

netapi32

psapi

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 9KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 9KB