e478c916be873874a4160cbe0a41a896ec1b3e711a95ee0e658a029b5f7b9ad2

Sharing

Copy URL Twitter E-mail

General

Target

e478c916be873874a4160cbe0a41a896ec1b3e711a95ee0e658a029b5f7b9ad2
Size

43KB
MD5

4186f688a68701bbdb56053302173b60
SHA1

b8fda31baf8f695c310c4b35d247ed50708b3870
SHA256

e478c916be873874a4160cbe0a41a896ec1b3e711a95ee0e658a029b5f7b9ad2
SHA512

7a2ba2b8652e78029893a8fe5e9cc4ee5b31323b251331c472cb8d6825db1909fd04e7ba2225170678c6fa154782e91c386bbb204441cbe5a8e245285a1a38c8
SSDEEP

768:2Kmno+NLeUKKEBMKUsdRbD+K+56ZdgPTHu7FZtwQR1W13AZLx:2Kmo+NiUKKEBhZAV56XgLO7FZqQGMx

Score

N/A

Malware Config

Signatures

Files

e478c916be873874a4160cbe0a41a896ec1b3e711a95ee0e658a029b5f7b9ad2
.dll windows x86

1e755718dc4c30f24b50bc229ce51885

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
SetFilePointer
WaitForSingleObject
GetFileSize
GetLastError
CreateEventA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
SetFileAttributesA
GetTimeZoneInformation
VirtualProtect
CreateMutexA
GetComputerNameA
LoadLibraryA
GetProcAddress
DeleteFileA
GlobalAlloc
GlobalLock
GetPrivateProfileStringA
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
OutputDebugStringA
MultiByteToWideChar
WideCharToMultiByte
Sleep
CreateThread
CloseHandle
WritePrivateProfileStringA
GetTempPathA
Ex�<HW
IsBadReadPtr
GetCurrentDirectoryA
GetModuleHandleA

user32

GetDC
ReleaseDC
GetWindowRect
GetDesktopWindow
wsprintfA
EnumWindows
GetWindowThreadProcessId
GetParent
GetWindowTextA
CallWindowProcA
GetClassNameA
RegisterShellHookWindow
RegisterWindowMessageA
SetWindowLongA
wvsprintfA
GetClientRect

gdi32

DeleteObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
GetStockObject
GetObjectA
DeleteDC
GetDeviceCaps
SelectObject
GetDIBits
CreateDCA

gdiplus

GdiplusShutdown
GdipSaveImageToFile
GdipLoadImageFromFile
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage

ws2_32

WSACleanup
WSAStartup
htons
inet_addr
socket
connect
send
recv
setsockopt
inet_ntoa
gethostbyname
WSARecv
WSASend
closesocket

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_C@?1??_Nulls��
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

sscanf
mktime
strrchr
strchr
atoi
abs
malloc
wcscmp
__CxxFrameHandler
fmod
strncmp
wcslen
??2@YAPAXI@Z
fopen
fgets
strstr
strncpy
strcpy
memset
sprintf
strcmp
strlen
strcat
free
__dllonexit
_onexit
_initterm
_adjust_fdiv
_stricmp
_strrev
_getpid
_strlwr
memcpy

netapi32

Netbios

Exports

Exports

DriverProc
KsCreateAllocator
KsCreatePin
KsCreateTopologyNode
modMessage
modmCallback

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e755718dc4c30f24b50bc229ce51885

Headers

File Characteristics

Imports

kernel32

user32

gdi32

gdiplus

ws2_32

msvcp60

wininet

msvcrt

netapi32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 544KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 544KB

.reloc
Size: 4KB - Virtual size: 4KB