c837c903fd1eecc7df64b8effee10e08e6489a3232ac7bb2d0fa0a3173219c18

Sharing

Copy URL Twitter E-mail

General

Target

c837c903fd1eecc7df64b8effee10e08e6489a3232ac7bb2d0fa0a3173219c18
Size

57KB
MD5

6057828fce9e92d224b7c6e1c676dac0
SHA1

ca8497bad18d97ddffd9aab24bec083ee0af3fc1
SHA256

c837c903fd1eecc7df64b8effee10e08e6489a3232ac7bb2d0fa0a3173219c18
SHA512

768a093ab7934ea333ff42d03eee537e1a1b8cb85e2fecf7b3a3f9d4d27249cb7ee03c5937d54f28b08aeafc7da23db2aba43d311de49e6970d30c0ee19cdf79
SSDEEP

768:lcxTyQw/Q53x2LgVlU9wznMnOZXkimcxT:lcxTyQwYuQU9675mcxT

Score

N/A

Malware Config

Signatures

Files

c837c903fd1eecc7df64b8effee10e08e6489a3232ac7bb2d0fa0a3173219c18
.dll windows x86

739182f6cb95475eb8de8a69afbc89c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
GetCurrentThreadId
OpenEventA
CreateEventA
GetModuleFileNameA
DeviceIoControl
DeleteFileA
GetCPInfoExA
GetACP
TerminateThread
SetComputerNameW
ExitProcess
ExitThread
DisableThreadLibraryCalls
TerminateProcess
GetCurrentProcess
GetLastError
VerLanguageNameA
GetSystemDirectoryA
GetModuleHandleA
LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc
CreateThread
Sleep
GetTempPathA
CreateFileA
WriteFile
CreateProcessA
GetLocalTime
GetTickCount
VerLanguageNameW
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle

user32

PostThreadMessageA
GetMessageA
EnumWindows
GetInputState
PostMessageA
CreateWindowStationW
wsprintfA
GetWindowLongW
GetWindowTextA
GetMenuItemInfoW
GetWindowThreadProcessId

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA

gdi32

GetBkMode

advapi32

LookupPrivilegeValueA
RegCloseKey
RegFlushKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
AdjustTokenPrivileges
OpenProcessToken
CloseServiceHandle
ControlService
OpenServiceA
DeleteService
OpenSCManagerA

msvcrt

memset
_strlwr
strrchr
strstr
__CxxFrameHandler
time
srand
memcpy
sprintf
strcpy
strcat
strlen
??3@YAXPAX@Z

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueIndexA
VerQueryValueIndexW
VerQueryValueW

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

739182f6cb95475eb8de8a69afbc89c1

Headers

File Characteristics

Imports

kernel32

user32

wininet

gdi32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 33KB

.code Size: 1024B - Virtual size: 708B

.pata Size: 4KB - Virtual size: 4KB

.uata Size: 4KB - Virtual size: 4KB

.rata Size: 4KB - Virtual size: 4KB

.zata Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 34KB - Virtual size: 33KB

.code
Size: 1024B - Virtual size: 708B

.pata
Size: 4KB - Virtual size: 4KB

.uata
Size: 4KB - Virtual size: 4KB

.rata
Size: 4KB - Virtual size: 4KB

.zata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB