fb074c37eef9bfc98398e32eaa879bd40a38f5e9a41d828bf1db84687338ea46

Sharing

Copy URL Twitter E-mail

General

Target

fb074c37eef9bfc98398e32eaa879bd40a38f5e9a41d828bf1db84687338ea46
Size

64KB
MD5

629c5d395d5385d950ceb4bca41905ef
SHA1

228319aedccb564de5de49a2d053b9749c2facf6
SHA256

fb074c37eef9bfc98398e32eaa879bd40a38f5e9a41d828bf1db84687338ea46
SHA512

3e40d7d162fd3d5551b9f4910e670790ab3f30fbb50140efec68b7afc029df7be97f27a6a8cdc2cccab30ec27aff4b97076e90758cfb018ba846397515c73d59
SSDEEP

768:jNzYwhZ8HFYrImbZCdZT4mLLStGIgS4cDzaJpZ1lrTtDobj6O:ZHZGF5T4XeS4cIRl1obj

Score

N/A

Malware Config

Signatures

Files

fb074c37eef9bfc98398e32eaa879bd40a38f5e9a41d828bf1db84687338ea46
.dll windows x86

a276d019e20f99ac6111a3c79ee45889

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
WinExec
Sleep
CreateMutexA
GetLastError
CreateThread
CloseHandle
ReleaseMutex
LCMapStringW
LCMapStringA
ReadFile
SetEndOfFile
RtlUnwind
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
WriteFile
InitializeCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetStdHandle
FlushFileBuffers
SetFilePointer
CreateFileA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA
RegEnumValueA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
HttpQueryInfoA

ws2_32

inet_ntoa
gethostbyname
inet_addr
WSAStartup
WSACleanup

iphlpapi

SendARP

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a276d019e20f99ac6111a3c79ee45889

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

ws2_32

iphlpapi

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 920B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 920B

.reloc
Size: 4KB - Virtual size: 3KB