8b73b9020286319c89a3dcb7ef73bed133968aa1563122e41538c21d91756b25

Sharing

Copy URL Twitter E-mail

General

Target

8b73b9020286319c89a3dcb7ef73bed133968aa1563122e41538c21d91756b25
Size

672KB
MD5

aa9dbef82219632e99416ccb24770a95
SHA1

6643d33a0affc957289edd5923dcac1364a8441a
SHA256

8b73b9020286319c89a3dcb7ef73bed133968aa1563122e41538c21d91756b25
SHA512

0eefe1a7bccc6483b0fae44055e8220fde3a841b5b072d19a307093df424c3c39cb5d41edd7e5502d74fda72e040b917ead05c2b629a62841b5288493a066db7
SSDEEP

12288:ihitjDp1cqR54DFTnBgQCFfD46DDw82UMBeUslHOXEXtm/Kn2jBMjy7D:ihitjDp1lQFTLxUMBeUslHpXtm/KnC+W

Score

N/A

Malware Config

Signatures

Files

8b73b9020286319c89a3dcb7ef73bed133968aa1563122e41538c21d91756b25
.dll windows x86

4b45e7db0366555e90076b0de70cd846

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleBaseNameA
GetModuleFileNameExA
EnumProcessModules

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

ws2_32

send
WSAGetLastError
inet_addr
connect
gethostname
gethostbyname
closesocket
htonl
bind
WSAAsyncSelect
listen
socket
WSACleanup
WSAStartup
recv
accept
inet_ntoa
getpeername
htons

kernel32

SuspendThread
Module32Next
OpenThread
DeleteFileA
GetCurrentThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentDirectoryA
Thread32First
TerminateThread
Thread32Next
GetComputerNameA
CreateFileMappingA
MapViewOfFile
FreeLibrary
SetPriorityClass
DeleteCriticalSection
GetTickCount
GetPrivateProfileStringA
GetPrivateProfileIntA
CloseHandle
ReadProcessMemory
VirtualQueryEx
GetSystemInfo
OpenProcess
GetCurrentProcessId
Sleep
lstrcmpiA
VirtualProtect
VirtualQuery
GetVersionExA
GetModuleHandleA
GetModuleFileNameA
LocalFree
LocalAlloc
WideCharToMultiByte
WritePrivateProfileStringA
GetCurrentProcess
MultiByteToWideChar
Process32Next
GetBinaryTypeA
Module32First
TerminateProcess
GetPriorityClass
Process32First
CreateToolhelp32Snapshot
WriteProcessMemory
GetProcAddress
LoadLibraryA
GetLastError

user32

GetWindowLongA
DestroyMenu
GetClientRect
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
wsprintfA
ClientToScreen
GetSystemMetrics
SendInput
SetCursorPos
MapVirtualKeyA
ScreenToClient
UnhookWindowsHookEx
SetWindowsHookExA
GetParent
GetAsyncKeyState
CallNextHookEx
SetWindowLongA
GetDC
ReleaseDC
DestroyWindow
GetFocus
GetCursorPos
keybd_event
RegisterClassExA
CreateWindowExA
UpdateWindow
ShowWindow
EnumWindows
GetDlgCtrlID
SendMessageA
EnumChildWindows
FindWindowExA
GetWindowTextA
CallWindowProcA
GetForegroundWindow
SetTimer
SendDlgItemMessageA
IsDlgButtonChecked
CheckDlgButton
SetWindowPos
SetFocus
SetForegroundWindow
CreatePopupMenu
InsertMenuA
GetDlgItem
GetWindowRect
TrackPopupMenu

gdi32

SetTextColor
PatBlt
SetPixel
SetBkColor
GetTextColor
TextOutA
GetPixel
BitBlt
CreateSolidBrush

winmm

PlaySoundA

msvcrt

_mbscat
printf
_mbscpy
fread
fseek
ftell
fputc
fwrite
_ftol
atol
_beginthreadex
_mkdir
srand
_mbschr
time
localtime
fprintf
_strnicmp
_strupr
fopen
fgets
fclose
_mbscmp
_stricmp
rand
_itoa
strchr
memset
strtok
_except_handler3
??2@YAPAXI@Z
abs
atoi
_mbsstr
memcpy
malloc
strncpy
free
__CxxFrameHandler
strstr
_mbstok
_mbsncmp
isalpha
strlen
strcat
isdigit
strrchr
__dllonexit
_onexit
?terminate@@YAXXZ
_initterm
_adjust_fdiv
strcmp
sprintf
??3@YAXPAX@Z
strcpy
strncmp
_ismbblead

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??_F?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

Sections

.text
Size: 524KB - Virtual size: 521KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b45e7db0366555e90076b0de70cd846

Headers

File Characteristics

Imports

psapi

wininet

ws2_32

kernel32

user32

gdi32

winmm

msvcrt

msvcp60

Sections

.text Size: 524KB - Virtual size: 521KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 68KB - Virtual size: 1.2MB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 60KB - Virtual size: 58KB

.text
Size: 524KB - Virtual size: 521KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 68KB - Virtual size: 1.2MB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 60KB - Virtual size: 58KB