0ba5d7b4a26f42bbf5a826d9c9cfe9a8285e3eb2b13906ad2391d220fa76e7d3

Sharing

Copy URL Twitter E-mail

General

Target

0ba5d7b4a26f42bbf5a826d9c9cfe9a8285e3eb2b13906ad2391d220fa76e7d3
Size

56KB
MD5

969f92555299b1b498b4a0bc5daabc14
SHA1

83782da67e042e581478d1d59b48441310bf3aff
SHA256

0ba5d7b4a26f42bbf5a826d9c9cfe9a8285e3eb2b13906ad2391d220fa76e7d3
SHA512

6341aa20c0ea3cf942255fcae091090930dbec3ae2eabef8fd9c6bd044db0f5f981c5283c21a28d8f1b2415da926009443af6aa82245ee01421061f48d501995
SSDEEP

1536:kHVozXhjZ4WacU++Az5/P8UU3I8S/BPlnoAx:k1olvq47BPx

Score

N/A

Malware Config

Signatures

Files

0ba5d7b4a26f42bbf5a826d9c9cfe9a8285e3eb2b13906ad2391d220fa76e7d3
.dll windows x86

773fbc346e0a4514d3bde8d9d8c37433

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
ReadFile
Sleep
lstrcatA
lstrcpyA
GetLocaleInfoA
GetTickCount
CreateEventA
GetDriveTypeA
GetLogicalDriveStringsA
FindNextFileA
FindClose
FindFirstFileA
CreateDirectoryA
MoveFileA
CreateProcessA
SetFilePointer
GetFileSize
GetCurrentProcess
WriteFile
WaitForSingleObject
CreateThread
GetSystemTime
GetStartupInfoW
MultiByteToWideChar
GetStartupInfoA
CreatePipe
GetSystemDirectoryA
GetEnvironmentVariableA
TerminateProcess
PeekNamedPipe
GetTempPathA
DuplicateHandle
HeapFree
HeapAlloc
GetProcessHeap
SetEndOfFile
GetVersionExA
CopyFileA
DeleteFileA
GetModuleFileNameA
GetTempFileNameA
FreeLibrary
LoadLibraryA
GetProcAddress
DosDateTimeToFileTime
GetFileAttributesA
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
CreateFileA
GetFileInformationByHandle
CloseHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime

user32

ExitWindowsEx

advapi32

CryptReleaseContext
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptEncrypt
CryptDecrypt
CryptDestroyKey
CryptDestroyHash
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
LogonUserA
CreateProcessWithLogonW

shell32

SHFileOperationA

msvcrt

??1type_info@@UAE@XZ
__dllonexit
_open
_CxxThrowException
?terminate@@YAXXZ
rename
_local_unwind2
_except_handler3
atoi
strncat
time
srand
rand
_initterm
??3@YAXPAX@Z
malloc
??2@YAPAXI@Z
__CxxFrameHandler
strrchr
strncpy
sprintf
_tempnam
remove
_lseek
_close
_write
_adjust_fdiv
_read
free
_onexit

ws2_32

inet_addr
WSAStartup
WSACleanup
gethostbyname

iphlpapi

GetAdaptersInfo

ntdll

_itoa

wininet

HttpSendRequestExA
HttpEndRequestA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetWriteFile

userenv

CreateEnvironmentBlock
GetUserProfileDirectoryA
DestroyEnvironmentBlock

Exports

Exports

ServiceMain

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

773fbc346e0a4514d3bde8d9d8c37433

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

ws2_32

iphlpapi

ntdll

wininet

userenv

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 20KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 20KB

.reloc
Size: 4KB - Virtual size: 3KB