d58ec51801dcbe23c065e03e2b9cdfe2745349e5b7ffb7d44883a6991eef2074

Sharing

Copy URL Twitter E-mail

General

Target

d58ec51801dcbe23c065e03e2b9cdfe2745349e5b7ffb7d44883a6991eef2074
Size

296KB
MD5

7764b62e361678fc1c47eaf8ee7a2772
SHA1

05b5c4bf1a32e80fa81e4e9f7e082d20a14081c1
SHA256

d58ec51801dcbe23c065e03e2b9cdfe2745349e5b7ffb7d44883a6991eef2074
SHA512

482aa93eb345e7614594091345bb15aa4a2cfc68cfe8f38f87047f100cbef24b316c7bf23e68ccab53fbf4ac8d4866af81ecebae67f8c4b5f12a6b306ad72b09
SSDEEP

6144:f27odOmT7M4vwfkrudUYpfQ6pxCwkeE1:4MT73vjrsxf9xCld1

Score

N/A

Malware Config

Signatures

Files

d58ec51801dcbe23c065e03e2b9cdfe2745349e5b7ffb7d44883a6991eef2074
.dll windows x86

b3897f0a5bc55eff6029efd91d7127a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
lstrcpyA
ResetEvent
CreateThread
SetEvent
WaitForSingleObject
WaitForMultipleObjects
CreateEventA
CloseHandle
lstrcmpA
lstrlenA
GetPrivateProfileIntA
GetModuleFileNameA
GetLastError
WideCharToMultiByte
MultiByteToWideChar
ReleaseMutex
CreateMutexA
GetVersionExA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
GetCPInfo
SetFilePointer
GetStringTypeW
GetStringTypeA
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetFileType
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
LCMapStringW
LCMapStringA
HeapSize
GetCurrentProcess
TerminateProcess
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
HeapReAlloc
HeapFree
HeapAlloc
InterlockedDecrement
InterlockedIncrement
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc

user32

GetSystemMetrics
SendMessageA
DestroyWindow
DialogBoxParamA
SetTimer
EndDialog
KillTimer
SetWindowLongA
PostMessageA
GetDlgItem
CallWindowProcA
SetWindowTextA
RedrawWindow
EnableWindow
MessageBoxA
LoadStringA
GetWindowTextA
wsprintfA
MoveWindow
GetWindowRect
GetParent
ShowWindow
SetWindowPos
ReleaseDC
GetDC
CreateDialogParamA

comctl32

ord17

wsock32

socket
closesocket
WSASetLastError
inet_addr
htonl
WSAGetLastError
gethostbyname
ioctlsocket
getservbyname
htons
gethostbyaddr
ntohs
getservbyport
ntohl
recvfrom
sendto
WSACleanup
WSAStartup
gethostname
setsockopt
inet_ntoa
bind
select

Exports

Exports

EndListDlg
GetBoisID
PrinterSearch
PrinterSearch2
_Dlg@8

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3897f0a5bc55eff6029efd91d7127a2

Headers

File Characteristics

Imports

kernel32

user32

comctl32

wsock32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 80KB - Virtual size: 88KB

.rsrc Size: 92KB - Virtual size: 91KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 80KB - Virtual size: 88KB

.rsrc
Size: 92KB - Virtual size: 91KB

.reloc
Size: 12KB - Virtual size: 9KB