ede060444b44d499e011436575576d574dab9882d6ba4922ff99009eb4a68c50

General

Target

ede060444b44d499e011436575576d574dab9882d6ba4922ff99009eb4a68c50
Size

35KB
MD5

4a7c8d0d299a876fceadea8a1a076b27
SHA1

5111f969138d37da8414e8a531376332ae297f5b
SHA256

ede060444b44d499e011436575576d574dab9882d6ba4922ff99009eb4a68c50
SHA512

b486ed358e940029ac360c3b2bba0d671a4418adbf6f27638013353ea60e9961eba5593e4589c4f7c0070848e05ba34449cd6a1c8f39f5eac1358845008ce158
SSDEEP

192:JMCicniaFs2qQ3XVMtU8KGVM/io3UAQNoMDsIhelWdh0PsZKz+KW05Mm4r6w78i9:J7bnHeCVedsIheknibK6wnCysW6W

Score

N/A

Malware Config

Signatures

Files

ede060444b44d499e011436575576d574dab9882d6ba4922ff99009eb4a68c50
.exe windows x86

04f9327032ca4a3ded833377e23b235b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

shutdown
closesocket
connect
socket
htons
recv
send
WSACleanup
inet_ntoa
gethostname
WSAStartup
inet_addr
gethostbyname

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
CreateMutexA
GetLastError
CloseHandle
Sleep
CopyFileA
CreateFileA
ReadFile
DeleteFileA
WriteFile
GetLocalTime
GetLogicalDriveStringsA

user32

SetTimer
GetMessageA
DefWindowProcA
DispatchMessageA
RegisterClassExA
TranslateMessage
CreateWindowExA
PostQuitMessage

shell32

ShellExecuteA

wininet

InternetConnectA
FtpOpenFileA
InternetReadFile
InternetCloseHandle
FtpGetFileA
FtpPutFileA
InternetOpenA

msvcr80

fopen
_itoa
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
memcpy
strlen
strcpy
strcat
memset
fwrite
fclose
strcmp
fread
_findfirst64i32
_findnext64i32
_findclose
??2@YAPAXI@Z
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04f9327032ca4a3ded833377e23b235b

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

shell32

wininet

msvcr80

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 19.1MB

.rsrc Size: 4KB - Virtual size: 428B

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 19.1MB

.rsrc
Size: 4KB - Virtual size: 428B