b194c41a5f122add2f2368b535f5dabbbdf0e21f4f5329196e55f565ee493fc8

Sharing

Copy URL Twitter E-mail

General

Target

b194c41a5f122add2f2368b535f5dabbbdf0e21f4f5329196e55f565ee493fc8
Size

56KB
MD5

91eb219a5c4445e1a70999fc299c7f40
SHA1

1a3d597897f5a8e734d07315eaea79b0f38a1c7e
SHA256

b194c41a5f122add2f2368b535f5dabbbdf0e21f4f5329196e55f565ee493fc8
SHA512

9810f62897d76efe7f0208886257990e8103689e51230b6d884f046cab6956b714dba25cc19d2c7f36cf0741a47fdd494c08d577b4312453f746e959ab6a52c0
SSDEEP

1536:kHVozXhjZ4WacU++Az5/P8UU3I8S/BPlnoYx:k1olvq47BPp

Score

N/A

Malware Config

Signatures

Files

b194c41a5f122add2f2368b535f5dabbbdf0e21f4f5329196e55f565ee493fc8
.dll windows x86

773fbc346e0a4514d3bde8d9d8c37433

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
ReadFile
Sleep
lstrcatA
lstrcpyA
GetLocaleInfoA
GetTickCount
CreateEventA
GetDriveTypeA
GetLogicalDriveStringsA
FindNextFileA
FindClose
FindFirstFileA
CreateDirectoryA
MoveFileA
CreateProcessA
SetFilePointer
GetFileSize
GetCurrentProcess
WriteFile
WaitForSingleObject
CreateThread
GetSystemTime
GetStartupInfoW
MultiByteToWideChar
GetStartupInfoA
CreatePipe
GetSystemDirectoryA
GetEnvironmentVariableA
TerminateProcess
PeekNamedPipe
GetTempPathA
DuplicateHandle
HeapFree
HeapAlloc
GetProcessHeap
SetEndOfFile
GetVersionExA
CopyFileA
DeleteFileA
GetModuleFileNameA
GetTempFileNameA
FreeLibrary
LoadLibraryA
GetProcAddress
DosDateTimeToFileTime
GetFileAttributesA
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
CreateFileA
GetFileInformationByHandle
CloseHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime

user32

ExitWindowsEx

advapi32

CryptReleaseContext
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptEncrypt
CryptDecrypt
CryptDestroyKey
CryptDestroyHash
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
LogonUserA
CreateProcessWithLogonW

shell32

SHFileOperationA

msvcrt

??1type_info@@UAE@XZ
__dllonexit
_open
_CxxThrowException
?terminate@@YAXXZ
rename
_local_unwind2
_except_handler3
atoi
strncat
time
srand
rand
_initterm
??3@YAXPAX@Z
malloc
??2@YAPAXI@Z
__CxxFrameHandler
strrchr
strncpy
sprintf
_tempnam
remove
_lseek
_close
_write
_adjust_fdiv
_read
free
_onexit

ws2_32

inet_addr
WSAStartup
WSACleanup
gethostbyname

iphlpapi

GetAdaptersInfo

ntdll

_itoa

wininet

HttpSendRequestExA
HttpEndRequestA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetWriteFile

userenv

CreateEnvironmentBlock
GetUserProfileDirectoryA
DestroyEnvironmentBlock

Exports

Exports

ServiceMain

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

773fbc346e0a4514d3bde8d9d8c37433

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

ws2_32

iphlpapi

ntdll

wininet

userenv

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 20KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 20KB

.reloc
Size: 4KB - Virtual size: 3KB