5fa20ce56828a1a4c1d17ff98813e925ac5565877f69df9e9c6d7dc75f1fc823

Sharing

Copy URL Twitter E-mail

General

Target

5fa20ce56828a1a4c1d17ff98813e925ac5565877f69df9e9c6d7dc75f1fc823
Size

131KB
MD5

3b883eb3bd392eb801c1982f1fa971d0
SHA1

d82f37a63756d942c08d820e32878874f51ca63c
SHA256

5fa20ce56828a1a4c1d17ff98813e925ac5565877f69df9e9c6d7dc75f1fc823
SHA512

76fef354947f25d89111966576ff0b32613414943d095fc4066fcca666cd446abe8e345d9122dae7c653083e7618a7808666e0c24a0b111db2d689375ac87deb
SSDEEP

3072:CdnrAqs0NIHkZmaVp5uQsKc6SxSLHrKnYTig:C9thIHksNKcu5

Score

N/A

Malware Config

Signatures

Files

5fa20ce56828a1a4c1d17ff98813e925ac5565877f69df9e9c6d7dc75f1fc823
.dll windows x86

01f0d66db5466aa059dd5ea2e71bdf88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wvsprintfA
GetCursorPos
MessageBoxA
wsprintfA

kernel32

CloseHandle
GetComputerNameA
VirtualFree
VirtualAlloc
GetCurrentProcess
GetCurrentThreadId
GetModuleFileNameA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetVersionExA
GetCommandLineA
GetExitCodeThread
OpenThread
GetCurrentProcessId
Process32Next
Process32First
CreateToolhelp32Snapshot
IsBadReadPtr
IsBadStringPtrA
OutputDebugStringA
GetLastError
GetThreadPriority
GetCurrentThread
SetThreadPriority
TerminateProcess
GetTickCount
WriteFile
DisableThreadLibraryCalls
Sleep
GetSystemInfo
SetUnhandledExceptionFilter
RaiseException
TlsGetValue
ResumeThread
WaitForSingleObject
CreateFileA
InitializeCriticalSection
CreateMutexA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReleaseMutex
CreateSemaphoreA
ReleaseSemaphore
CreateThread
GetEnvironmentVariableA
TlsAlloc
QueryPerformanceCounter
QueryPerformanceFrequency
TlsSetValue

ws2_32

socket
send
recv
connect
htons
listen
bind
accept
setsockopt
WSAIoctl
shutdown
closesocket
select
WSAGetLastError
getsockopt
WSAStartup
WSACleanup
inet_ntoa
ioctlsocket
gethostname
gethostbyname

advapi32

GetUserNameA
CloseTrace
ProcessTrace
OpenTraceA
StartTraceA
ControlTraceA

shell32

SHGetFolderPathA

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

Exports

Exports

_tmGetAPI@4

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RADCODE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RADDATA
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RADCONST
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

01f0d66db5466aa059dd5ea2e71bdf88

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

ws2_32

advapi32

shell32

winmm

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 57KB

RADCODE Size: 3KB - Virtual size: 2KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 86KB

RADDATA Size: 512B - Virtual size: 60B

RADCONST Size: 512B - Virtual size: 120B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 58KB - Virtual size: 57KB

RADCODE
Size: 3KB - Virtual size: 2KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 86KB

RADDATA
Size: 512B - Virtual size: 60B

RADCONST
Size: 512B - Virtual size: 120B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB

.rmnet
Size: 56KB - Virtual size: 60KB