1af4214b77a6dd2cc81b5b637191e617aa115024b989b2714323956a3cca488a

Sharing

Copy URL Twitter E-mail

General

Target

1af4214b77a6dd2cc81b5b637191e617aa115024b989b2714323956a3cca488a
Size

140KB
MD5

a084a7a7ecafec03576735403eba1500
SHA1

9b1c203a45e4eaebe030d90aa86448f6b0077096
SHA256

1af4214b77a6dd2cc81b5b637191e617aa115024b989b2714323956a3cca488a
SHA512

14b670e56ff3ece6cc89927ea1da43fc14327981e24e252333f2a74250444565a44767c5314a525bc26f413e0099078d9b543e09979e5826124990d053024496
SSDEEP

3072:SxaeXcNy7sSOohoCNiv1jJ+ymSUp9OgfgJKVp65VJwTjHG:SxaeXGyflX/rpf6qfm

Score

N/A

Malware Config

Signatures

Files

1af4214b77a6dd2cc81b5b637191e617aa115024b989b2714323956a3cca488a
.dll windows x86

8d7911468706223fd8e0fa8c15af3395

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname
WSAStartup
gethostbyname
WSAGetLastError
WSACleanup

winmm

timeGetTime

kernel32

LoadLibraryA
GetProcAddress
Sleep
GlobalMemoryStatus
GetModuleHandleA
GetVersionExA
VirtualAlloc
LCMapStringA
LCMapStringW
SetStdHandle
WideCharToMultiByte
GetACP
CloseHandle
FlushFileBuffers
HeapFree
RtlUnwind
InterlockedDecrement
InterlockedIncrement
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetOEMCP
MultiByteToWideChar
FreeEnvironmentStringsA
GetStartupInfoA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetFilePointer
GetStringTypeA
GetStringTypeW
GetCPInfo

user32

RegisterClassExA
CreateWindowExA
DefWindowProcA
GetDC
GetDesktopWindow

gdi32

ChoosePixelFormat
SetPixelFormat
DescribePixelFormat

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

Check3DNowTechnology
CheckMMXTechnology
CheckSSETechnology
CreateInterface
DisplaySystemVersion
GetIPAddress
GetProcessorSpeed
GetRam
GetVideoCardDX8
GetVideoCardGL
SurveyClient

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d7911468706223fd8e0fa8c15af3395

Headers

File Characteristics

Imports

wsock32

winmm

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 19KB

.reloc Size: 8KB - Virtual size: 4KB

.text Size: 64KB - Virtual size: 64KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 19KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 64KB