server[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

server.exe
Size

906KB
MD5

cb43dbcfaefce524a32208247383b7fd
SHA1

d1b98b702ff31da0fb357f44d4265bd24b38470f
SHA256

9b632250c30411b0d4f0b0a33cd28f5af52a0b5dd4513bdc4a564087fc1e6a43
SHA512

08b0df876e2c84d76ea744401ae18f4f0595eb1c037ae4209292f2dbf3df65db1331c85c1fcf8ce16c5e986931caf626afaa081db66613f1ade2dba10d939715
SSDEEP

12288:PGOKnxw/No9EM8PPiMlU7gp2tdZmlJcsit5QJg7C:fKxw/NcEMXMlU7fdZmAWg7C

Score

1^/10

Malware Config

Signatures

Files

server.exe
.exe windows x86

67b9baebd8cdaf92c83c479afccabd60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetLastError
InterlockedIncrement
HeapAlloc
InterlockedDecrement
GetProcessHeap
lstrlenW
LoadLibraryExW
FreeLibrary
GetProcAddress
GetFileAttributesW
ExitThread
TerminateThread
ResumeThread
CreateThread
GetProcessTimes
GetThreadLocale
DeviceIoControl
DefineDosDeviceW
GetVersion
SetThreadAffinityMask
GetVolumeInformationW
GlobalMemoryStatus
LocalAlloc
InterlockedExchange
LoadLibraryA
RaiseException
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
CreateFileW
SetFilePointer
GetModuleFileNameW
DeleteCriticalSection
CloseHandle
GetLocalTime
GetCurrentProcessId
GetCurrentThreadId
OutputDebugStringW
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadResource
FindResourceExW
GetCommandLineW
FindResourceW
SizeofResource
LockResource
MultiByteToWideChar
OpenMutexW
ReleaseMutex
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjects
WaitForMultipleObjectsEx
WaitForSingleObject
GetTickCount
lstrlenA
WideCharToMultiByte
GetSystemInfo
VirtualAlloc
VirtualFree
lstrcpyW
lstrcatW
GetShortPathNameW
GetLongPathNameW
GetWindowsDirectoryW
GetSystemDirectoryW
LoadLibraryW
GetVersionExW
GetCurrentProcess
GetCurrentThread
TerminateProcess
GetModuleHandleW
OpenProcess
SetUnhandledExceptionFilter
ReadFile
FlushFileBuffers
VirtualQuery
GetVolumePathNameW
SetLastError
lstrcmpA
lstrcmpW
UnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
GetStartupInfoW
RtlUnwind
VirtualProtect
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

ole32

CoUninitialize
CoTaskMemFree
OleRun
CoCreateInstance
StringFromIID
CoInitializeEx

oleaut32

VariantClear
SafeArrayPutElement
SafeArrayUnlock
SafeArrayCreate
VariantInit

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiClassGuidsFromNameW
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo

wsock32

WSAStartup
WSACleanup

user32

UnregisterClassA
DispatchMessageW
TranslateMessage
GetMessageW
GetMessageA
IsWindowUnicode
PeekMessageW
MsgWaitForMultipleObjectsEx
wsprintfW
DispatchMessageA

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 572KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67b9baebd8cdaf92c83c479afccabd60

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

setupapi

wsock32

user32

Sections

.text Size: 187KB - Virtual size: 186KB

.rdata Size: 122KB - Virtual size: 122KB

.data Size: 6KB - Virtual size: 18KB

.pdata Size: 572KB - Virtual size: 572KB

.reloc Size: 17KB - Virtual size: 16KB

.text
Size: 187KB - Virtual size: 186KB

.rdata
Size: 122KB - Virtual size: 122KB

.data
Size: 6KB - Virtual size: 18KB

.pdata
Size: 572KB - Virtual size: 572KB

.reloc
Size: 17KB - Virtual size: 16KB