2a4eb5d833a964487bfe0499eaee7862dd5c5e0ce058eda2a15f4e1068ff8514

Sharing

Copy URL Twitter E-mail

General

Target

2a4eb5d833a964487bfe0499eaee7862dd5c5e0ce058eda2a15f4e1068ff8514
Size

1.3MB
MD5

80195094ca0ccbb6d22674d4a67db4c1
SHA1

2c89acf166b88bbc88cc1a67bff828fe1e45e0ca
SHA256

2a4eb5d833a964487bfe0499eaee7862dd5c5e0ce058eda2a15f4e1068ff8514
SHA512

193f34109a3f549c82ead36f1aa063d577db2b929070bfd67889cd61669703da41b38e5253eee663746ac0626a18ae20b1f0e3245cc8c5de32ff5162a2518820
SSDEEP

3072:FOoyd6QG6bUrTCo1Mph+EiPSAK4vzbc695KAyVwy:FHydhG6bcnMhgPVLvzQ694AyVw

Score

N/A

Malware Config

Signatures

Files

2a4eb5d833a964487bfe0499eaee7862dd5c5e0ce058eda2a15f4e1068ff8514
.dll windows x86

6c6511552416308ddf375b38a2c74dcc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
lstrcmpA
FindClose
FindNextFileA
FindFirstFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
GetEnvironmentVariableA
GetWindowsDirectoryA
GetDriveTypeA
ExitThread
SetThreadPriority
GetCurrentThread
lstrcatA
DeleteFileA
lstrcpyA
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
LocalFree
lstrcmpiW
LocalAlloc
lstrcatW
lstrcmpiA
GetSystemTime
SystemTimeToFileTime
GetTimeZoneInformation
MultiByteToWideChar
TerminateThread
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
InitializeCriticalSection
ReleaseMutex
DeleteCriticalSection
SetErrorMode
GetLastError
GlobalAlloc
GetLocalTime
GetCurrentThreadId
GlobalFree
CreateFileA
SetFilePointer
WriteFile
GetSystemDirectoryA
GetModuleHandleA
MulDiv
LoadLibraryA
GetProcAddress
lstrcpynA
GetTickCount
GetProcessHeap
HeapAlloc
HeapFree
Sleep
WideCharToMultiByte
lstrlenA
CreateProcessA
WaitForSingleObject
CloseHandle
InterlockedDecrement

user32

KillTimer
UnhookWindowsHookEx
CallNextHookEx
MessageBoxA
DrawTextA
wsprintfW
CharUpperA
CharLowerA
wsprintfA
wvsprintfA
FillRect
SetTimer

gdi32

SetBkColor
SetBkMode
SelectObject
GetDeviceCaps
CreateFontA
SetTextColor
DeleteObject
CreateCompatibleBitmap
DeleteDC
CreateCompatibleDC
LineTo
MoveToEx
CreatePen
SetPixel
CreateSolidBrush
CreateDIBSection
PatBlt

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString
VariantClear

ws2_32

select
recv
ntohs
closesocket
htons
socket
sendto
inet_addr
WSAStartup
gethostbyaddr
gethostname
send
connect
gethostbyname
inet_ntoa

gdiplus

GdipFree
GdipCloneImage
GdipAlloc
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSaveImageToFile
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP

msvcp60

??0Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ

msvcrt

_initterm
_onexit
__dllonexit
_CxxThrowException
free
__mb_cur_max
_isctype
_pctype
sprintf
_mbsstr
_mbsnbcpy
??2@YAPAXI@Z
malloc
strcpy
strcat
__CxxFrameHandler
strstr
strchr
strlen
_except_handler3
isxdigit
toupper
isdigit
memcpy
tolower
memset
div
_adjust_fdiv
??1type_info@@UAE@XZ
isalnum
_strcmpi

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c6511552416308ddf375b38a2c74dcc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

ws2_32

gdiplus

msvcp60

msvcrt

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

Shared Size: 34KB - Virtual size: 33KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 1.2MB - Virtual size: 1.2MB

Shared
Size: 34KB - Virtual size: 33KB

.reloc
Size: 9KB - Virtual size: 8KB