927c3790139cb9c346f13e5b0aa5af06211936a368fe6676593954313a5f8297

Sharing

Copy URL Twitter E-mail

General

Target

927c3790139cb9c346f13e5b0aa5af06211936a368fe6676593954313a5f8297
Size

29KB
MD5

144ad12fd7eb4ffb4b79b5a06d9e360d
SHA1

7e300872aee5112813babca2596dc12549d62df7
SHA256

927c3790139cb9c346f13e5b0aa5af06211936a368fe6676593954313a5f8297
SHA512

69663ac5e86b5b9398f7ff9f8d8905cae517941d0d7d7eafa186bbca674fa672275729e3ac9fe52f31ecd4d049fa6eb84b6acb499271a79dfba2f83949d5e31a
SSDEEP

384:YKr0+kXWsTejzAVZZfmlchGtYa9NFQteql773CPrT4TAUPwm9RZPL3i:YKwlCjsZZzhGqQYeO7jCrT4TAFm93

Score

N/A

Malware Config

Signatures

Files

927c3790139cb9c346f13e5b0aa5af06211936a368fe6676593954313a5f8297
.dll windows x86

ae6353d4b7de13f1b55a5b621278b020

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateEventA
GetModuleFileNameA
GetTempPathA
GetWindowsDirectoryA
SetFileAttributesA
VirtualProtect
GetModuleHandleA
CreateMutexA
WaitForSingleObject
CreateThread
ExitProcess
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
GlobalAlloc
CloseHandle
IsBadReadPtr
GetCurrentDirectoryA
GetPrivateProfileIntA
WritePrivateProfileStringA
Sleep

user32

GetWindowTextA
wsprintfA
EnumWindows
GetWindowThreadProcessId
GetParent

ws2_32

send
connect
recv
socket
htonl
inet_ntoa
closesocket
gethostbyname
WSACleanup
WSAStartup
bind
htons
inet_addr

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile

msvcrt

rand
strrchr
time
srand
strchr
atoi
strstr
malloc
__CxxFrameHandler
??2@YAPAXI@Z
memset
strlen
strcmp
strcat
sprintf
memcpy
strcpy
free
__dllonexit
_onexit
_initterm
_adjust_fdiv
_getpid
_stricmp
_strrev
_strlwr
strncpy

netapi32

Netbios

Exports

Exports

DriverProc
KsCreateAllocator
KsCreatePin
KsCreateTopologyNode
modMessage
modmCallback

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 541KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae6353d4b7de13f1b55a5b621278b020

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

msvcp60

wininet

msvcrt

netapi32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 541KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 541KB

.reloc
Size: 3KB - Virtual size: 3KB