103a320af7b58571f9b9f614fa4ea2410a720a1cbef607ef1f7a41ce22133b3b

Sharing

Copy URL Twitter E-mail

General

Target

103a320af7b58571f9b9f614fa4ea2410a720a1cbef607ef1f7a41ce22133b3b
Size

43KB
MD5

82bf58cb3b91576db866e3d8544bd90e
SHA1

52aca2dd62038b0992ff6f7d10bc2d4df41bf103
SHA256

103a320af7b58571f9b9f614fa4ea2410a720a1cbef607ef1f7a41ce22133b3b
SHA512

cdbf66e7ac009e238fde22de79e956d16fb92ac1d88d222635897848b24e3887849b944439aef7344853fd4dadd2eb32a870df55da45abe45896158717e065ce
SSDEEP

768:KyHRV5CwsfDu3HvUSPfml8jCcAhc4/VAp44N6tiJ5U8U:KyHRrCwOR848WcAF54N6t7R

Score

N/A

Malware Config

Signatures

Files

103a320af7b58571f9b9f614fa4ea2410a720a1cbef607ef1f7a41ce22133b3b
.dll windows x86

15423866979a5b02e59c88eac3a5e797

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
CreateProcessA
FindClose
FindNextFileA
SetFileAttributesA
CopyFileA
FindFirstFileA
GetDriveTypeA
GetLogicalDriveStringsA
DisableThreadLibraryCalls
CreateFileA
GlobalMemoryStatusEx
GetComputerNameA
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
FreeLibrary
ExitProcess
DeleteFileA
GetFileAttributesA
lstrcatA
GetLastError
SetLastError
lstrcmpiA
lstrlenA
lstrcpyA
FreeConsole
GetModuleFileNameA
GetSystemDirectoryA
MoveFileA
WaitForSingleObject
CloseHandle
GetTempPathA
Sleep
LoadLibraryA
GetProcAddress
WinExec
CreateThread
CreateMutexA
WideCharToMultiByte
DeviceIoControl
ExitThread
GetTickCount

user32

MessageBoxA
wsprintfA
GetDesktopWindow
ExitWindowsEx

advapi32

RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
CreateServiceA
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
CloseServiceHandle
StartServiceA

shell32

ShellExecuteA

ws2_32

send
select
__WSAFDIsSet
recv
WSAStartup
socket
connect
setsockopt
WSAIoctl
WSACleanup
inet_ntoa
gethostbyname
gethostname
htons
closesocket
inet_addr
sendto
WSASocketA
htonl

msvcrt

strchr
??1type_info@@UAE@XZ
printf
time
srand
sprintf
rand
_mbschr
_stricmp
strlen
_except_handler3
_CxxThrowException
atoi
strcpy
strncpy
strcspn
strstr
memcpy
fopen
system
strcat
wcstombs
??3@YAXPAX@Z
malloc
realloc
??2@YAPAXI@Z
__CxxFrameHandler
memset

Exports

Exports

Install
LpkDllInitialize
LpkDrawTextEx
LpkEditControl
LpkExtTextOut
LpkGetCharacterPlacement
LpkGetTextExtentExPoint
LpkInitialize
LpkPSMTextOut
LpkTabbedTextOut
LpkUseGDIWidthCache
StartRouter
WINTEST
ftsWordBreak

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15423866979a5b02e59c88eac3a5e797

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

msvcrt

Exports

Exports

Sections

.text Size: 39KB - Virtual size: 39KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 39KB - Virtual size: 39KB

.reloc
Size: 2KB - Virtual size: 2KB