tomcat8[.]exe[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

tomcat8.exe.zip
Size

43KB
MD5

c16171a8b80cbbb767e77b6d2fa796b1
SHA1

4b010d4cbbb455b5d84bf9f0ac9bf045fb85bc1a
SHA256

e0cedb590253fe9ce4450881806d9c2033d6b2767a4786ff081d1bf0b3758713
SHA512

2aaa5fa9a9f7702a5a270e93c2640dc1c98c0dd624742d520e5696d5cf64ec39e7631a9897d19843864a401289f83bcad00b7d531bbefdbcec0ebf3266cb2d00
SSDEEP

768:apAxSoY9YJLXwH12MZvijkkXC/PSBJmviy7OBYB5+caAy+G6VH2khmNWIlJYPX8I:apAxpY9PrvijkkXC3KJmDPBsNd6Be1yp

Score

N/A

Malware Config

Signatures

Files

tomcat8.exe.zip
.zip
checksums.txt
tomcat8.exe
.exe windows x64

62ba3d29c73cde1abfefb6b9a6c9786d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LoadLibraryExW
SetErrorMode
GetFileAttributesW
GetExitCodeThread
lstrcatA
FindNextFileA
FindClose
FindFirstFileA
lstrcmpA
UnlockFile
SetFilePointer
LockFile
CreateFileW
SystemTimeToFileTime
CreateDirectoryW
GetSystemDirectoryW
GetLocalTime
SetLastError
LeaveCriticalSection
FlushFileBuffers
GetCurrentThreadId
WriteFile
FormatMessageA
EnterCriticalSection
GetStdHandle
InitializeCriticalSection
SetEnvironmentVariableW
GetExitCodeProcess
ReadFile
SetHandleInformation
CreatePipe
TerminateProcess
DuplicateHandle
FreeEnvironmentStringsW
SetStdHandle
LoadLibraryW
GetCurrentProcess
CreateProcessW
OutputDebugStringW
GetEnvironmentStringsW
__C_specific_handler
GetProcessHeap
GetTickCount
_local_unwind
GetVersionExW
WideCharToMultiByte
GetCurrentProcessId
ExpandEnvironmentStringsW
LocalFree
LocalAlloc
GenerateConsoleCtrlEvent
DeleteFileW
AllocConsole
GetConsoleWindow
GetSystemTimeAsFileTime
SetCurrentDirectoryW
SetConsoleCtrlHandler
AttachConsole
ExitProcess
GetProcAddress
FreeLibrary
VirtualFree
GlobalFree
GetSystemInfo
VirtualAlloc
HeapCreate
GetCommandLineW
HeapDestroy
ResumeThread
CreateEventW
Sleep
lstrlenA
lstrcpyA
SetEvent
TerminateThread
WaitForSingleObject
ResetEvent
SwitchToThread
HeapFree
HeapReAlloc
HeapAlloc
CreateThread
CloseHandle
ExitThread
lstrcpyW
lstrcatW
GetEnvironmentVariableW
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
QueryPerformanceCounter
GetModuleHandleW
GetModuleFileNameW
GetLongPathNameW
lstrcmpiW
lstrlenW
WaitForMultipleObjects
lstrcmpW

advapi32

QueryServiceConfigW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
SetServiceStatus
DeleteService
CreateServiceW
StartServiceW
EnumDependentServicesW
ControlService
QueryServiceStatusEx
ChangeServiceConfigW
ChangeServiceConfig2W
QueryServiceStatus
OpenServiceW
RegCloseKey
OpenSCManagerW
CloseServiceHandle
CreateProcessAsUserW
LogonUserW
DuplicateTokenEx
ImpersonateLoggedOnUser
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueW
RegSetValueExW

shell32

CommandLineToArgvW

user32

wvsprintfA
wsprintfA
MessageBoxA
WaitForInputIdle
ShowWindow
FindWindowW
wsprintfW
SendMessageW

msvcrt

_wputenv
setvbuf
_dup2
_fileno
_wfopen
fwprintf
fputc
_snprintf
towupper
_flushall
fprintf
wcsrchr
strncmp
_unlock
__dllonexit
_lock
_onexit
towlower
__getmainargs
_XcptFilter
_exit
_cexit
exit
_initterm
_amsg_exit
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
wcschr
iswctype
fflush
_iob
fputs
memset
atoi

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62ba3d29c73cde1abfefb6b9a6c9786d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

user32

msvcrt

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 12KB - Virtual size: 22KB

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 12KB - Virtual size: 22KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 2KB