9faa2428c53ff7b50fe21e6897d02dee0a2b83949bc2b5c86feddfccf3d3f5af

Sharing

Copy URL Twitter E-mail

General

Target

9faa2428c53ff7b50fe21e6897d02dee0a2b83949bc2b5c86feddfccf3d3f5af
Size

168KB
MD5

2377b7f44f1ef54395e778021c2a6161
SHA1

e6d97c47b30ae814d6a52af64ac21836248cd625
SHA256

9faa2428c53ff7b50fe21e6897d02dee0a2b83949bc2b5c86feddfccf3d3f5af
SHA512

c61fece009626142c5cf54bcea0378a1335765d28c433beae9edd276b9f7e3bfaacb9ff0c201b115c548063d618b07cd77963b612195125ecd77ccaa54b31216
SSDEEP

3072:h66wOlNYD+kO7bz/l2vEVuCIPylyC2MvjSQsrHXXYmOzNu+U0KDn2bCs27kFQAH7:un43an2bCsfDcQFgbDC/

Score

N/A

Malware Config

Signatures

Files

9faa2428c53ff7b50fe21e6897d02dee0a2b83949bc2b5c86feddfccf3d3f5af
.exe windows x86

59a8acbdd2d835e29a0affbf8c2d62f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

setsockopt
WSACleanup
__WSAFDIsSet
closesocket
gethostbyname
select
ntohl
shutdown
WSAStartup
send
socket
connect
recv
htonl
htons
ioctlsocket
WSAGetLastError

kernel32

ReadConsoleW
ReadFile
HeapSize
CreateFileW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetStringTypeW
SetStdHandle
GetProcessHeap
SetEndOfFile
FreeEnvironmentStringsW
Sleep
GetModuleFileNameA
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetLastError
AttachConsole
GetCurrentProcessId
AllocConsole
SetConsoleTitleW
GetComputerNameA
FormatMessageA
GetEnvironmentStringsW
WriteConsoleW
SetEnvironmentVariableW
CloseHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
RaiseException
DecodePointer
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
WriteFile
HeapAlloc
HeapFree
CompareStringW
LCMapStringW
GetFileType
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte

advapi32

RegCloseKey
GetUserNameA

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59a8acbdd2d835e29a0affbf8c2d62f4

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

advapi32

Sections

.text Size: 122KB - Virtual size: 122KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 2KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 122KB - Virtual size: 122KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 2KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB