632c8d6804811af03954442fae632090477686b844ce488358f9df806158215b

Sharing

Copy URL Twitter E-mail

General

Target

632c8d6804811af03954442fae632090477686b844ce488358f9df806158215b
Size

108KB
MD5

a0aa8e4ed7d1d46570a8ccd0c097a990
SHA1

42a9ea0c66d0c2b2724d93fd7e0038cc691c9e8a
SHA256

632c8d6804811af03954442fae632090477686b844ce488358f9df806158215b
SHA512

2bda55a335fb6cfb5b7c4a56ee3011e8371bc69ff5ebe7f97b8fc95b6e3463f62a877115c00fa56ece9c61094a306ab7fbaa17da94391aa4ae20615b54ee18cf
SSDEEP

1536:C5oIj3qUgA6X/DLtdcVzasZVGjSU4YWJW4ET3fR7fMR4alMy6Mk:UoIj3qUaXbLzc9av1N4Y3fRzbalMy6M

Score

N/A

Malware Config

Signatures

Files

632c8d6804811af03954442fae632090477686b844ce488358f9df806158215b
.dll windows x86

6166ce088cca79edc3e6575fd15f1e9f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3977
ord353
ord6140
ord6877
ord5583
ord535
ord5683
ord4129
ord350
ord537
ord3663
ord3616
ord3127
ord5651
ord354
ord5186
ord5773
ord5442
ord1979
ord665
ord356
ord5710
ord941
ord2770
ord1980
ord825
ord2781
ord3181
ord858
ord4058
ord668
ord5603
ord5858
ord341
ord654
ord5621
ord500
ord772
ord6142
ord5860
ord2818
ord5607
ord2614
ord860
ord800
ord540
ord5600
ord823
ord1083
ord773
ord501

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
sprintf
_mbscmp
_except_handler3
rand
_stricmp
strncpy
__CxxFrameHandler
strcat
malloc
free
strlen
memcpy
memset
_CxxThrowException
strcpy

kernel32

GetLocaleInfoA
GetComputerNameA
GetSystemWindowsDirectoryA
GetSystemDirectoryA
MultiByteToWideChar
CreateDirectoryA
GetFileAttributesA
FindFirstFileA
FileTimeToSystemTime
FindClose
GetVolumeInformationA
GetDiskFreeSpaceExA
OutputDebugStringA
GetVersionExA
GlobalMemoryStatus
PeekNamedPipe
ReadFile
TerminateProcess
GetModuleHandleA
GetProcAddress
GetCurrentProcess
DuplicateHandle
CreateIoCompletionPort
GetOverlappedResult
GetTickCount
Sleep
DeviceIoControl
GetLastError
GetSystemDefaultLangID
TerminateThread
GetModuleFileNameA
DeleteFileA
MoveFileA
CreateThread
FreeLibrary
FindResourceA
LoadResource
LockResource
SizeofResource
WriteFile
FreeResource
CreateFileA
CloseHandle
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedDecrement
GetDriveTypeA
GetLogicalDrives
GlobalFree
GlobalAlloc
CopyFileA
GetTempFileNameA
GetTempPathA
LocalFree
SetLastError
lstrcmpiA
LoadLibraryA
WaitForSingleObject
lstrlenA
GetQueuedCompletionStatus
GetSystemInfo

user32

PeekMessageA
DestroyWindow
CreateWindowExA
SetWindowLongA
wsprintfA
DispatchMessageA
TranslateMessage
GetWindowLongA
PostMessageA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

SHFileOperationA

ole32

CoCreateInstance
CoUninitialize
CoSetProxyBlanket
CoInitializeEx

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString

ws2_32

WSAAsyncGetHostByName
recv
WSAAsyncSelect
inet_ntoa
ntohs
WSACancelAsyncRequest
socket
WSACleanup
listen
WSAGetLastError
htons
accept
connect
gethostname
closesocket
shutdown
send
WSAStartup
inet_addr
getsockname
bind

iphlpapi

GetAdaptersInfo

Exports

Exports

Init

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6166ce088cca79edc3e6575fd15f1e9f

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

shell32

ole32

oleaut32

ws2_32

iphlpapi

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 5KB