d382df60bd7378d9e4b57e31d0aab4f7bd3e4006842ab57cc13e75cfe61a2c56

Sharing

Copy URL Twitter E-mail

General

Target

d382df60bd7378d9e4b57e31d0aab4f7bd3e4006842ab57cc13e75cfe61a2c56
Size

1.4MB
MD5

06bc49cdf92a6bb623caffd20825d772
SHA1

14bd4c5f52d2c1d29d1124810dd032de607301ac
SHA256

d382df60bd7378d9e4b57e31d0aab4f7bd3e4006842ab57cc13e75cfe61a2c56
SHA512

bcb0c5f584e79ebecd4c526e049e3d21976bf072a35ed5267b32f7e9a8914719fbfff0535eb50cebcc3a9a93c68afb2922ef4143fc53fd16c52e5b7ce8bbfe05
SSDEEP

24576:PWW31vV+6/qmR5GyEnvjnAeZfVpbQUoA0COQnoRY:uCm6/qmR5GyEnvjnAedrogOQoR

Score

1^/10

Malware Config

Signatures

Files

d382df60bd7378d9e4b57e31d0aab4f7bd3e4006842ab57cc13e75cfe61a2c56
.exe windows x86

2cf9699c32c48a69477e1c3be0585fe3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GetProcAddress
TlsFree
GetComputerNameA
AreFileApisANSI
SetWaitableTimer
VerifyVersionInfoA
RegisterWaitForSingleObject
TerminateProcess
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
GetQueuedCompletionStatus
WaitForSingleObject
GetSystemDirectoryW
DuplicateHandle
MultiByteToWideChar
TerminateThread
CloseHandle
QueueUserAPC
UnregisterWaitEx
DeleteCriticalSection
VerSetConditionMask
WideCharToMultiByte
TlsGetValue
CreateProcessA
CreateIoCompletionPort
GetExitCodeProcess
InitializeSRWLock
TlsSetValue
HeapFree
GetLastError
GetCurrentThreadId
CreateEventW
ReleaseSRWLockExclusive
SetEvent
AcquireSRWLockExclusive
WaitForSingleObjectEx
ReleaseSRWLockShared
CreateThread
HeapAlloc
CreateWaitableTimerA
AcquireSRWLockShared
GetProcessHeap
SleepEx
GetSystemTimeAsFileTime
CreateEventA
GetTickCount
PostQueuedCompletionStatus
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
FindNextFileA
FindFirstFileExA
ReadConsoleW
GetTimeZoneInformation
OutputDebugStringW
GetModuleHandleA
GetEnvironmentVariableA
LeaveCriticalSection
GetCurrentProcess
EnterCriticalSection
SetLastError
SetEnvironmentVariableW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetACP
ExitProcess
HeapReAlloc
FreeLibraryAndExitThread
ExitThread
WriteConsoleW
GetModuleHandleExW
GetFileType
LoadLibraryExW
FreeLibrary
RaiseException
RtlUnwind
FormatMessageW
QueryPerformanceCounter
QueryPerformanceFrequency
EncodePointer
DecodePointer
Sleep
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
GetCurrentDirectoryW
CreateFileW
FindClose
GetFileAttributesW
SetEndOfFile
SetFilePointerEx
DeviceIoControl
FormatMessageA
LocalFree
ResetEvent
ReleaseSemaphore
WaitForMultipleObjectsEx
OpenEventA
GetCurrentProcessId
SystemTimeToFileTime
GetLocaleInfoA
IsValidCodePage
IsDBCSLeadByteEx
EnumSystemLocalesA
FoldStringW
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
WakeAllConditionVariable
SleepConditionVariableSRW
GetModuleFileNameW
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetStdHandle
CreateProcessW
GetConsoleWindow
ReadFile
WriteFile
SetEnvironmentVariableA
InterlockedPushEntrySList
GetModuleFileNameA

user32

PostMessageA
ShowWindow
SetWindowPos
UpdateWindow
RegisterClassExA
PostQuitMessage
LoadIconA
TranslateMessage
CreateWindowExA
DefWindowProcA
LoadCursorA
DispatchMessageA
GetMessageA
GetWindowLongA

advapi32

RegCloseKey
RegQueryValueExA
GetUserNameA
RegOpenKeyExA
RegEnumKeyExA

ws2_32

WSAStartup
setsockopt
ioctlsocket
WSARecv
WSASetLastError
shutdown
WSASend
closesocket
htons
htonl
WSASocketW
WSAStringToAddressW
listen
ntohl
WSACleanup
bind
WSAGetLastError

mswsock

GetAcceptExSockaddrs
AcceptEx

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cf9699c32c48a69477e1c3be0585fe3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

mswsock

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 257KB - Virtual size: 257KB

.data Size: 36KB - Virtual size: 44KB

.gfids Size: 2KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 65KB - Virtual size: 64KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 257KB - Virtual size: 257KB

.data
Size: 36KB - Virtual size: 44KB

.gfids
Size: 2KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 65KB - Virtual size: 64KB