93489ca97a8573984f5ee5e1e2f7bb2e833e80767f049a2b29fd8be72205b170

Sharing

Copy URL Twitter E-mail

General

Target

93489ca97a8573984f5ee5e1e2f7bb2e833e80767f049a2b29fd8be72205b170
Size

512KB
MD5

9c7588b8f51eb1fb98a9dcfccf45908e
SHA1

bc8a0c7ffe0a5fa40a64aec70f6722ceeb296f99
SHA256

93489ca97a8573984f5ee5e1e2f7bb2e833e80767f049a2b29fd8be72205b170
SHA512

77ba285ddfebc02895b58e4cf4f638d9a31f1b9bcf7d37b861226843208ea5d8244cacd5f9d9c35c5a9efd4eb6655e7b486ef3987ff32e2920f85d7ce136fd43
SSDEEP

12288:4lpSzmd8PSUlM9KvDukl2Gz9GSHXe1raHP3q/m2enXwGnrK3PkyRJMvfWQTOwrx:4Pd8SavrtW3lJiT3r

Score

N/A

Malware Config

Signatures

Files

93489ca97a8573984f5ee5e1e2f7bb2e833e80767f049a2b29fd8be72205b170
.dll windows x86

0a99fbc7b7ed86ef3b5cdd391c4af2c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringA
GetMessageA
TranslateMessage
DispatchMessageA
CharToOemBuffA
OemToCharBuffA
MessageBoxA

advapi32

LookupPrivilegeValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
OpenProcessToken
AdjustTokenPrivileges

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapSize
SetHandleCount
GetStdHandle
GetUserDefaultLCID
IsBadWritePtr
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetCurrentProcess
GetProcAddress
GetModuleHandleA
DeviceIoControl
CreateFileA
WritePrivateProfileStringA
GetPrivateProfileIntA
Sleep
GetPrivateProfileStringA
DeleteFileA
GetModuleFileNameA
GetSystemDirectoryA
ResumeThread
SetThreadPriority
lstrcmpiW
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
SizeofResource
GetLastError
FindResourceA
InitializeCriticalSection
DeleteCriticalSection
RaiseException
HeapFree
HeapAlloc
GetProcessHeap
GetFileSize
ReadFile
WriteFile
SetEvent
EnterCriticalSection
LeaveCriticalSection
VirtualFree
GetLocaleInfoW
GetOEMCP
CompareStringW
CompareStringA
HeapCreate
HeapDestroy
LoadLibraryA
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetStartupInfoA
IsBadCodePtr
IsBadReadPtr
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetLastError
TlsAlloc
InterlockedIncrement
InterlockedDecrement
GetFileAttributesA
GetTempPathA
SetFilePointer
FlushFileBuffers
SetEndOfFile
LockFileEx
UnlockFile
LockFile
GetSystemTime
GetFullPathNameA
GetSystemTimeAsFileTime
FindClose
FindFirstFileA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
SetFileAttributesA
CreateDirectoryA
GetDiskFreeSpaceA
GetDriveTypeA
SetVolumeLabelA
GetCurrentDirectoryA
MoveFileA
RtlUnwind
ExitThread
GetCurrentThreadId
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
ExitProcess
HeapReAlloc
LCMapStringA
LCMapStringW
GetCPInfo
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetEnvironmentVariableA
SetCurrentDirectoryA
GetFileType
SetStdHandle

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromProgID

oleaut32

VariantClear
SysAllocString
VariantCopyInd
DispCallFunc
VariantInit
SysAllocStringLen
VarBstrCat
SysFreeString

wininet

InternetCloseHandle
InternetSetStatusCallback
FtpOpenFileA
InternetReadFile
HttpQueryInfoA
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetSetCookieA
HttpSendRequestA
InternetOpenA
InternetConnectA
InternetAttemptConnect

iphlpapi

GetAdaptersInfo

Exports

Exports

func

Sections

.text
Size: 476KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0a99fbc7b7ed86ef3b5cdd391c4af2c7

Headers

File Characteristics

Imports

user32

advapi32

kernel32

ole32

oleaut32

wininet

iphlpapi

Exports

Exports

Sections

.text Size: 476KB - Virtual size: 476KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 476KB - Virtual size: 476KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 12KB - Virtual size: 12KB