d6891286b2c2d018625e0fb6ce861cc2cece9bb5919f30511d25efac9f00f6a3

Sharing

Copy URL Twitter E-mail

General

Target

d6891286b2c2d018625e0fb6ce861cc2cece9bb5919f30511d25efac9f00f6a3
Size

294KB
MD5

43ccb62fc3b7788846898f148314d5c0
SHA1

3bb016f7081754493309ac7ee6497db3966a317e
SHA256

d6891286b2c2d018625e0fb6ce861cc2cece9bb5919f30511d25efac9f00f6a3
SHA512

85272a7edb27022766bf67b242644e7ae1a88b6af907d13efe8fea3a19880915770465464015727a84ab102da11f8bd38cc918ab66cba6dc08cc397648274d81
SSDEEP

6144:8qPoiWCaUa9QfdETdbEycQ2D3F+KPj5MU:horCgwd6JF6F+Cj5T

Score

N/A

Malware Config

Signatures

Files

d6891286b2c2d018625e0fb6ce861cc2cece9bb5919f30511d25efac9f00f6a3
.dll windows x86

487b664f0bc85498bb31a2e61df34673

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameA
CloseHandle
WaitForSingleObject
CreateThread
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
GetPrivateProfileStringA
GetModuleFileNameA
CreateFileA
ReadFile
SetFilePointer
GetFileSize
CompareStringW
CompareStringA
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetCPInfo
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
RtlUnwind
RaiseException
HeapAlloc
HeapFree
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLastError
GetFileInformationByHandle
PeekNamedPipe
GetFileType
MoveFileA
DeleteFileA
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetUnhandledExceptionFilter
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetProcAddress
SetHandleCount
GetStdHandle
GetStartupInfoA
TerminateProcess
GetCurrentProcess
FlushFileBuffers
WriteFile
SetStdHandle
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
SetEnvironmentVariableA

user32

wsprintfA

wsock32

WSAStartup
getsockname
connect
WSAGetLastError
select
__WSAFDIsSet
send
recv
WSACleanup
closesocket
socket
inet_ntoa
ioctlsocket
gethostbyname
gethostbyaddr
htons
htonl
inet_addr
shutdown

Exports

Exports

getMP4Lib

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

487b664f0bc85498bb31a2e61df34673

Headers

File Characteristics

Imports

kernel32

user32

wsock32

Exports

Exports

Sections

.text Size: 162KB - Virtual size: 162KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 32KB - Virtual size: 37KB

.reloc Size: 18KB - Virtual size: 18KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 32KB - Virtual size: 37KB

.reloc
Size: 18KB - Virtual size: 18KB

.rmnet
Size: 56KB - Virtual size: 60KB