9e9bb797900075dc773515699e6aa851bdd99bf565e8bda01726a95b46514410

Sharing

Copy URL Twitter E-mail

General

Target

9e9bb797900075dc773515699e6aa851bdd99bf565e8bda01726a95b46514410
Size

83KB
MD5

689d2f266519505689a82549a54aa2ac
SHA1

cc5413a452f8e035f27d9404bc353d2391dd3f22
SHA256

9e9bb797900075dc773515699e6aa851bdd99bf565e8bda01726a95b46514410
SHA512

0ee3e0987756de4a7abc9ea4442349dea947160d8f8c9b22ad17b2b9fdb6a076740e8f5a39180e7c308bc3ec031e6b928d16c071cc1573a1fb601ca04a8cb4cf
SSDEEP

768:+pyI+k1eqzZq4X1UfN2gsT22PYabO25PUljD8gVhuHh2n2SEDsUmGmuZHU44f6ym:+6kL84lTgs/P3bOScljZuKYj244f

Score

1^/10

Malware Config

Signatures

Files

9e9bb797900075dc773515699e6aa851bdd99bf565e8bda01726a95b46514410
.exe windows x86

d4e88c97f0146e8f40e1ae73353641d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

ws2_32

send
listen
closesocket
accept
WSAStartup
htonl
htons
setsockopt
WSACleanup
recv
bind
socket

kernel32

GetCommandLineA
CreateFileW
HeapSize
IsProcessorFeaturePresent
HeapReAlloc
WriteConsoleW
SetStdHandle
RtlUnwind
LoadLibraryW
SetupComm
CreateFileA
ClearCommError
GetCommState
WaitForSingleObject
WriteFile
SetCommState
SetCommTimeouts
Sleep
CreateEventA
ReadFile
GetOverlappedResult
GetLastError
SetCommMask
WaitCommEvent
CreateMutexA
PurgeComm
CloseHandle
CreateThread
GetStringTypeW
MultiByteToWideChar
LCMapStringW
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
ExitProcess
HeapCreate
GetProcAddress
HeapFree
HeapAlloc
FlushFileBuffers
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DecodePointer
EncodePointer
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId

user32

LoadCursorA
GetDlgItemTextA
EnableWindow
GetSysColorBrush
EndPaint
GetMessageA
CreateDialogParamA
RegisterClassExA
LoadStringA
LoadIconA
BeginPaint
TranslateMessage
SetPropA
CreateWindowExA
TranslateAcceleratorA
DefWindowProcA
LoadAcceleratorsA
ShowWindow
DispatchMessageA
UpdateWindow
GetSysColor
SetTimer
PostQuitMessage
KillTimer
SendMessageA
GetWindowTextA
SetWindowLongA
MessageBoxA
GetDlgItem
SetDlgItemTextA

gdi32

DeleteObject
SetTextColor
SetBkColor

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4e88c97f0146e8f40e1ae73353641d8

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

ws2_32

kernel32

user32

gdi32

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 15KB

.rsrc Size: 29KB - Virtual size: 28KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 15KB

.rsrc
Size: 29KB - Virtual size: 28KB

.reloc
Size: 4KB - Virtual size: 4KB