25d61011d16a3e631e981c782e2e885ed5e5ad24555224e9d777c301d2f9b1f0

Sharing

Copy URL Twitter E-mail

General

Target

25d61011d16a3e631e981c782e2e885ed5e5ad24555224e9d777c301d2f9b1f0
Size

84KB
MD5

778377bb491b4ac8330a5a49fb0f5919
SHA1

640a511c6ff0fc1f599ab6f4f2c544b6e5028adb
SHA256

25d61011d16a3e631e981c782e2e885ed5e5ad24555224e9d777c301d2f9b1f0
SHA512

52cead8a57ee14f4bd0b11dc62510b0cee3a615f04fc622579e9e94aa740eacf752f915506f95c858465cf989cebbc713924c2b12bc81b3f25132a88efbacfc9
SSDEEP

1536:I/scLsaX+vHTQ6lBD4JmAd5poDrQicBk/nomt0cnu:IkcQw+Am2HAo4nomt0P

Score

N/A

Malware Config

Signatures

Files

25d61011d16a3e631e981c782e2e885ed5e5ad24555224e9d777c301d2f9b1f0
.dll windows x86

162714a6c17180f01229ed97f51ce3e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
GetPrivateProfileStringA
GetModuleFileNameA
GetSystemDirectoryA
Sleep
WinExec
WritePrivateProfileStringA
CompareStringW
CompareStringA
CloseHandle
GetLocaleInfoW
GetTimeZoneInformation
FlushFileBuffers
SetConsoleCtrlHandler
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
RtlUnwind
InterlockedDecrement
InterlockedIncrement
RaiseException
GetCommandLineA
GetVersion
HeapFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
SetFilePointer
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
SetEnvironmentVariableA

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

ws2_32

gethostname
gethostbyname
inet_ntoa
WSACleanup
WSAStartup

netapi32

Netbios

urlmon

URLDownloadToFileA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

Exports

Exports

FucImport
GetExeFileName

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

162714a6c17180f01229ed97f51ce3e0

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

netapi32

urlmon

wininet

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 12KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 12KB

.reloc
Size: 8KB - Virtual size: 4KB