b229c5afa9f37bfb8915189769bf25b96c177aa715ae7766c33c998fa995eb19

Sharing

Copy URL Twitter E-mail

General

Target

b229c5afa9f37bfb8915189769bf25b96c177aa715ae7766c33c998fa995eb19
Size

192KB
MD5

2e2c147ad1d446a65fdcb57239f1fc20
SHA1

32be5f447843672b36d87318c0a3ad4dfdac170e
SHA256

b229c5afa9f37bfb8915189769bf25b96c177aa715ae7766c33c998fa995eb19
SHA512

4e86fc1db30f8411c5d9e4aac50c4aad6702f8fe6e041d2a2d33d453e1612729bc6c3152cadff1fa1d45c43971ddf2322305c79218e5dfd32dc47b0aa7a90175
SSDEEP

3072:ouAUtoQGiOYjQqzbjStMtrqbKMPssd3SKWKFwghPH:J2TYB3bXMP7IKFwiPH

Score

N/A

Malware Config

Signatures

Files

b229c5afa9f37bfb8915189769bf25b96c177aa715ae7766c33c998fa995eb19
.dll windows x86

bb4643b00f619a027678b1c7c24ac7cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
HttpQueryInfoA
HttpSendRequestA
InternetSetOptionA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCloseHandle

shell32

SHCreateDirectoryExA

user32

TranslateMessage
wsprintfA
PostThreadMessageA
PeekMessageA
GetMessageA

shlwapi

PathFileExistsA

kernel32

HeapDestroy
SetEndOfFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
CloseHandle
CreateEventA
ResetEvent
SetEvent
WaitForSingleObject
GetLastError
GetTickCount
CreateFileA
SetFilePointer
WriteFile
MoveFileExA
DeleteFileA
Sleep
FindFirstFileA
lstrlenA
lstrcpyA
lstrcatA
TerminateThread
GetModuleFileNameA
FindClose
HeapFree
HeapAlloc
HeapReAlloc
ExitThread
ResumeThread
CreateThread
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
MultiByteToWideChar
ReadFile
HeapSize
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
FlushFileBuffers

Exports

Exports

??0CUpdateModule@@QAE@XZ
??4CUpdateModule@@QAEAAV0@ABV0@@Z
?fnUpdateModule@@YAHXZ
?nUpdateModule@@3HA
Check
Down
GetFileMD5
Stop
TerminateStop

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1010B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bb4643b00f619a027678b1c7c24ac7cd

Headers

File Characteristics

Imports

wininet

shell32

user32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1010B

.reloc Size: 8KB - Virtual size: 7KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1010B

.reloc
Size: 8KB - Virtual size: 7KB

.rmnet
Size: 60KB - Virtual size: 60KB