720175415da66dd1b25fa3eb49e3eece50eafebeec0a88e3e8733508dba7c824

Sharing

Copy URL Twitter E-mail

General

Target

720175415da66dd1b25fa3eb49e3eece50eafebeec0a88e3e8733508dba7c824
Size

64KB
MD5

6fd3792443c607beeaa764a7cfedfd69
SHA1

55d29c25fb744aee900a6d8b2ac981080fd289c1
SHA256

720175415da66dd1b25fa3eb49e3eece50eafebeec0a88e3e8733508dba7c824
SHA512

d7ea2c4b32c3c3d5c11482be9c54a4cd13c0fd2fe53dc1305ffdb287df4c666f57bc0ee805fb2ef03c1b65370c00642caf6798dadde8bd7310b2b3aa51e6a732
SSDEEP

768:6YDDHIPizq9pjqQJgqQFJMfRj8+FnToIf1A+srbZFvkO:6YDDK3RgqQFki+FnToIfCbvk

Score

N/A

Malware Config

Signatures

Files

720175415da66dd1b25fa3eb49e3eece50eafebeec0a88e3e8733508dba7c824
.dll windows x86

957027ed68e1d9108bf349813d2e4889

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord825
ord354
ord5186
ord6385
ord1168
ord823
ord1979
ord665

msvcrt

_adjust_fdiv
malloc
_initterm
strncpy
sprintf
__CxxFrameHandler
_ftol
strncat
free
_onexit
__dllonexit

kernel32

CopyFileA
CloseHandle
CreateProcessA
DeleteFileA
FindClose
FindNextFileA
GetLastError
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
WriteFile
CreateFileA
ReadFile
GetFileSize
MoveFileA
Process32Next
GetPriorityClass
Module32First
Process32First
CreateToolhelp32Snapshot
GetCurrentProcess
TerminateProcess
OpenProcess
Sleep
GetTickCount
GetSystemDirectoryA
GetStartupInfoA
GetLocalTime
InterlockedExchange

user32

IsWindow
SendMessageA
CloseWindow
CreateWindowExA
GetForegroundWindow
GetWindowTextLengthA
GetWindowTextA
GetKeyState
GetAsyncKeyState
wsprintfA

advapi32

AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
LookupPrivilegeValueA

shell32

SHGetFileInfoA
ShellExecuteA

msvcp60

??0Init@ios_base@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

ws2_32

setsockopt
send
recv
gethostbyname
inet_addr
closesocket
connect
socket
htons
shutdown
WSAStartup

Exports

Exports

SetParamter
StartFileManageThread
StartKeyLogThread
StartProcessThread
StartShellThread
StartVideoThread

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

957027ed68e1d9108bf349813d2e4889

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

shell32

msvcp60

avicap32

ws2_32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 808B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 808B

.reloc
Size: 4KB - Virtual size: 2KB