fefe76c0d9ca627a6db36ec7fe1af29f748c3aeb2f6a42d71b135cdac8654610

Sharing

Copy URL Twitter E-mail

General

Target

fefe76c0d9ca627a6db36ec7fe1af29f748c3aeb2f6a42d71b135cdac8654610
Size

316KB
MD5

d60e0f93bd3a54d31c6ec1992d7aa308
SHA1

e94080804371e632689c4b34f5c7f28d378e618e
SHA256

fefe76c0d9ca627a6db36ec7fe1af29f748c3aeb2f6a42d71b135cdac8654610
SHA512

a9f3d912d4e2df686199134c8a5e40384a14d351d81fff61f97b905a5c6c14a98365047e737930e0c80fd2a6be4a8cee19a0520c201a883987a494945d4920af
SSDEEP

6144:K64UWirKj/SM+ktavpPAOELkycvsLwdOdJj4CuG:hdWirKAPOLky5Lf4Cb

Score

1^/10

Malware Config

Signatures

Files

fefe76c0d9ca627a6db36ec7fe1af29f748c3aeb2f6a42d71b135cdac8654610
.exe windows x86

40eed45f77f9885872c14ff9fa6a4eda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleFileNameA
Process32First
GetCurrentProcess
CreateToolhelp32Snapshot
Sleep
Process32Next
CloseHandle
ExitProcess
WinExec
LoadLibraryA
HeapSize
CreateFileW
GetProcessHeap
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
GetLastError
lstrcatA
CreateDirectoryA
lstrlenA
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
FlushFileBuffers
GetFileSizeEx
GetConsoleOutputCP
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
TerminateProcess
RtlUnwind
RaiseException
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ReadFile
GetStdHandle
WriteFile
GetModuleFileNameW
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetFileType
HeapAlloc
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
WaitForSingleObject
WriteConsoleW

user32

GetClassNameA
PostMessageA
FindWindowW
SetWindowPos
FindWindowA
wsprintfA
EnumChildWindows
FindWindowExA
SendMessageA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

wininet

FtpOpenFileA
InternetCrackUrlA
FtpGetFileSize
InternetOpenA
InternetCloseHandle
InternetConnectA
InternetReadFile

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40eed45f77f9885872c14ff9fa6a4eda

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

wininet

Sections

.text Size: 131KB - Virtual size: 130KB

.rdata Size: 54KB - Virtual size: 53KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 131KB - Virtual size: 130KB

.rdata
Size: 54KB - Virtual size: 53KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 7KB - Virtual size: 7KB