5fa372641fd7c36b573fa745d106ecf89f6a9f984fcf16636e2e8fc91b4f0c05

Sharing

Copy URL Twitter E-mail

General

Target

5fa372641fd7c36b573fa745d106ecf89f6a9f984fcf16636e2e8fc91b4f0c05
Size

444KB
MD5

4341fe15b7e7b009240f02b69ef33bb0
SHA1

2aaec9995bc3d2932c90f7f4288993be5f6142cc
SHA256

5fa372641fd7c36b573fa745d106ecf89f6a9f984fcf16636e2e8fc91b4f0c05
SHA512

6a7ffd99448106cfd2c81f962aeb4b6a62af7057c426e8451ae5aba73e26b7fa0bbac18ff48ce6d4073ba520d3c52dfa169b617d25221b918d8996491daa04e9
SSDEEP

6144:JdJC+sB0W60D9SchtBjEA3gnYwAJoZJvoNqTVor7m+hbCxYj:LQ+s60DIcfGg2QNqJoPn+S

Score

N/A

Malware Config

Signatures

Files

5fa372641fd7c36b573fa745d106ecf89f6a9f984fcf16636e2e8fc91b4f0c05
.dll windows x86

c917b6ad9a7abccb5dad10abff94ad30

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
HeapAlloc
GetProcessHeap
CloseHandle
WaitForSingleObject
CreateProcessA
GetTempPathA
SetThreadPriority
CreateThread
WaitForMultipleObjects
GetModuleFileNameA
CreateFileMappingA
CreateFileA
InterlockedDecrement
Sleep
InterlockedIncrement
SetUnhandledExceptionFilter
GetNumberOfConsoleInputEvents
PeekConsoleInputA
SetConsoleMode
ReadConsoleInputA
InitializeCriticalSection
EnterCriticalSection
OutputDebugStringA
LeaveCriticalSection
GetCurrentProcess
TerminateProcess
SetConsoleTextAttribute
GetStdHandle
GetConsoleScreenBufferInfo
SetEndOfFile
GetStringTypeW
GetStringTypeA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetExitCodeProcess
SetStdHandle
FlushFileBuffers
SetEnvironmentVariableW
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
LoadLibraryExA
GetCurrentProcessId
FreeLibrary
LoadLibraryA
GetComputerNameA
GetPriorityClass
GetTickCount
GetEnvironmentVariableA
SetEvent
ResetEvent
CreateEventA
DeleteCriticalSection
LocalFree
FormatMessageA
GetLastError
GetCurrentThread
ResumeThread
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetFullPathNameA
CreateDirectoryA
FindNextFileA
ExitProcess
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
GetFileAttributesA
UnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetFileType
GetStartupInfoA
RtlUnwind
WriteFile
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointer
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage

tier0

?DevMsg@@YAXPBDZZ
Plat_FloatTime
CommandLine_Tier0
SpewOutputFunc
AssertValidStringPtr
_AssertValidWritePtr
ThreadWaitForObjects
Plat_IsInDebugSession
ReleaseThreadHandle
CreateSimpleThread
StackToolsNotify_LoadedLibrary
GetThreadedLoadLibraryFunc
?DevWarning@@YAXPBDZZ
g_ClockSpeed
ThreadInterlockedAssignIf64
g_pVCR
Plat_MSTime
Plat_SetThreadName
g_ClockSpeedSecondsMultiplier
GetSpewOutputColor
g_pMemAlloc
Msg
Error
Warning
?Lock@CThreadFastMutex@@ACEXII@Z

vstdlib

RandomSeed
RandomInt
KeyValuesSystem

ws2_32

ioctlsocket
connect
WSAGetLastError
listen
socket
bind
setsockopt
closesocket
WSASend
WSARecv
WSAGetOverlappedResult
accept
select
WSAStartup
htons
ntohs
gethostbyname
recvfrom
WSASocketA
sendto
WSASendTo

user32

RegisterClassExA
CreateWindowExA
ShowWindow
PeekMessageA
DispatchMessageA
TranslateMessage
InvalidateRect
BeginPaint
EndPaint
DefWindowProcA
SetWindowTextA
LoadCursorA

gdi32

GetStockObject
CreateSolidBrush
SelectObject
DeleteObject
Rectangle

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

CreateInterface

Sections

.text
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c917b6ad9a7abccb5dad10abff94ad30

Headers

File Characteristics

Imports

kernel32

tier0

vstdlib

ws2_32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 220KB - Virtual size: 217KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 16KB - Virtual size: 53KB

.reloc Size: 20KB - Virtual size: 19KB

.text Size: 144KB - Virtual size: 144KB

.text
Size: 220KB - Virtual size: 217KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 16KB - Virtual size: 53KB

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 144KB - Virtual size: 144KB