0a6202616a672cbfe3b613e1e143e96ae00a181c1edc6f8e12d0493a447409cd

Sharing

Copy URL Twitter E-mail

General

Target

0a6202616a672cbfe3b613e1e143e96ae00a181c1edc6f8e12d0493a447409cd
Size

172KB
MD5

4f9abec3443a4ac3f9c364dfd655eb60
SHA1

317165a76b09cbddec130d2f422e7444b69e152e
SHA256

0a6202616a672cbfe3b613e1e143e96ae00a181c1edc6f8e12d0493a447409cd
SHA512

ab7dedeba83960e238e7fd0c866401c02e2039196b13eb8b82f8a810ad70c05732a6cafc03f73240e65a8f06c9ed10f39be2ff68c90db381b7bbc48e1134be52
SSDEEP

3072:2W16dUgl8kKo5wUa8tV4Q8en9w2ARw8cjB8oQ+G:N0BaVM1AW6oQN

Score

N/A

Malware Config

Signatures

Files

0a6202616a672cbfe3b613e1e143e96ae00a181c1edc6f8e12d0493a447409cd
.dll windows x86

8a7fe359106814874e43f3d61f790d2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

kernel32

GlobalFlags
WritePrivateProfileStringA
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
RaiseException
HeapSize
HeapReAlloc
GetACP
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FlushFileBuffers
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
IsBadReadPtr
IsBadCodePtr
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
WideCharToMultiByte
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
SetFilePointer
FreeEnvironmentStringsW
WriteFile
SetLastError
OutputDebugStringA
GetCurrentProcess
GetVersion
lstrlenA
lstrcpynA
lstrcpyA
lstrcatA
SetErrorMode
InterlockedDecrement
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
EnterCriticalSection
FreeLibrary
GlobalHandle
LeaveCriticalSection
TlsFree
DeleteCriticalSection
GlobalUnlock
GlobalFree
LocalFree
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetModuleFileNameA
CloseHandle
GetEnvironmentStrings
GlobalLock
GetEnvironmentStringsW
GetStartupInfoA
GetLastError

user32

CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
ClientToScreen
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
SetWindowTextA
ShowWindow
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
GetCapture
WinHelpA
GetClassInfoA
GetMenuItemCount
GetSubMenu
GetTopWindow
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
wsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
SendMessageA
PostQuitMessage
EnableWindow
RegisterClassA
GetMenu
GetMenuItemID
SetTimer
KillTimer
WaitMessage
PeekMessageA
DispatchMessageA
PostMessageA
UnhookWindowsHookEx
UnregisterClassA
GetMessageTime

gdi32

CreateBitmap
SetTextColor
SetBkColor
GetClipBox
DeleteDC
GetObjectA
RestoreDC
SelectObject
SaveDC
GetStockObject
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

wsock32

bind
shutdown
setsockopt
WSACleanup
WSAStartup
WSASetLastError
WSAGetLastError
recv
accept
ioctlsocket
WSAAsyncSelect
htons
htonl
closesocket
gethostbyname
socket
send
inet_ntoa
connect
recvfrom
sendto

Exports

Exports

_ClientSocketDestroy@0
_ClientSocketInit@16
_ClientSocketSendMsg@8
_ClientSocketSendStr@8

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a7fe359106814874e43f3d61f790d2a

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

wsock32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 18KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 12KB - Virtual size: 10KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 18KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 12KB - Virtual size: 10KB

.rmnet
Size: 60KB - Virtual size: 60KB