MOTIF_00e415e72a4fc4c8634d4d3815683ce8

General

Target

MOTIF_00e415e72a4fc4c8634d4d3815683ce8
Size

68KB
MD5

fa29a231123bc8d52938ae8915f694a2
SHA1

bc41541c378f109936e56a20b3bd65c86f1802d0
SHA256

f77cc9fcaf6b5d15a209cf14229884eb833a0ae87204160341709c0f3b3ae0b2
SHA512

5237fdbe4159f9ae6f72f45e163a9d8bce02be13cb87b6bcc41f05700b78104fe52bb418f697483aef14cc5bb0499ed81e53c8c406c4ec488c9a731ed8095198
SSDEEP

1536:SjRgTsv7S+8Q6Z1E7o3ZT9w2wRVqDR1HYLo:/ADSvZ1E8Vwb8R1HGo

Score

1^/10

Malware Config

Signatures

Files

MOTIF_00e415e72a4fc4c8634d4d3815683ce8
.exe windows

86d0fab76458bcd1bec30d90fbd298d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindNextFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileW
Sleep
ReadFile
SetFilePointer
ExitThread
GetFileSize
CreateThread
CreateFileW
CloseHandle
GetDriveTypeW
WriteFile
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
CreateProcessW
GetProcAddress
LoadLibraryW
MultiByteToWideChar
GetSystemDefaultLangID
GetSystemInfo
GetTickCount
DeleteFileW
GetLastError
FlushFileBuffers
WideCharToMultiByte
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetStdHandle
LCMapStringA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExW

shell32

ShellExecuteW

ws2_32

closesocket
select
WSAStartup
gethostname
WSACleanup
send
socket
recv

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

86d0fab76458bcd1bec30d90fbd298d7

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 43KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 43KB