General
Target: q2.exe
Size: 184KB
MD5: 551a42523e5dbcba2198c16b14d0c692
SHA1: e8e1b0144f0dd7b78af610d6fa77ac008acfbce8
SHA256: 12fdcfef06dbb332f1f5fd2eb4eab239b3ae23696b7583b5bc128755edaf8b22
SHA512: 2cc5d49b230d3162510c09ca9929b364c31d248308fd18b1ea0401e84f750f19e5b8fb98f4c9fc2115d7f7ad8b5057b2ffefb87329b3e26432d5a219b7439d4d
SSDEEP: 3072:5STESfYgg5xWfHZOKsl73DnipYSnAFfUsFQSk:GyWvMKS3DnmzAR
Malware Config
Extracted
formbook
4.1
xm33
Files
q2.exe.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ