f5b9d7a62b25559099601ea5b67d881e9d7ef9d6c954201d64d1f379cb55e5a7

Sharing

Copy URL Twitter E-mail

General

Target

f5b9d7a62b25559099601ea5b67d881e9d7ef9d6c954201d64d1f379cb55e5a7
Size

47KB
MD5

6acd95f68d1c1fbc6c94a6fe8ac0d8c8
SHA1

c5fbc9ac0b952645c868cfc9bfe30d573c5baff5
SHA256

f5b9d7a62b25559099601ea5b67d881e9d7ef9d6c954201d64d1f379cb55e5a7
SHA512

8cb9ea5636d4789f4bad692a34849c62c7a6d032a38e07149b21cde4497a9f317b8cc422a0adb397a60ff502b4c0e913e2e8d85328d08f25bd125d155450f226
SSDEEP

384:/nlZQSECeqC8V0B4qxFuTgISf059fmrmDDbs2L9LULy36SWFW42MNvWZW4W6:/nlZQBISf968C36JpW

Score

N/A

Malware Config

Signatures

Files

f5b9d7a62b25559099601ea5b67d881e9d7ef9d6c954201d64d1f379cb55e5a7
.dll windows x86

b109b38ce0c5c2c6f85f7be07562de0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA
FindFirstFileA
lstrcpyA
MultiByteToWideChar
GlobalFree
CloseHandle
ReadFile
GlobalAlloc
GetFileSize
CopyFileA
CreateThread
VirtualProtect
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteFileA
CreateFileA
FindClose

advapi32

RegQueryValueExA
RegOpenKeyA

shell32

DoEnvironmentSubstA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

msvcrt

_adjust_fdiv
_initterm
strncat
memcpy
??2@YAPAXI@Z
memset
??3@YAXPAX@Z
free
malloc
fclose
memcmp
strncmp
strlen
fread
fopen
strstr
_strlwr
sprintf
strcat
strcpy
strcmp
_except_handler3
wcsncmp
wcslen
__CxxFrameHandler
atoi

wininet

HttpSendRequestA
InternetCloseHandle
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetOpenA

shlwapi

PathFileExistsA

Exports

Exports

FaxiMonitorStartup
WowCancle
WowCheckPro
WowCommit
WowMxCheck
WowMxLCheck
WowMxRCheck
WowProtecter

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b109b38ce0c5c2c6f85f7be07562de0a

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

msvcrt

wininet

shlwapi

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 864B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 864B

.reloc
Size: 4KB - Virtual size: 1KB