73706e208adea90275dc55a184c8cc9730dc9d1533de88719090af18b433aa4f

Sharing

Copy URL Twitter E-mail

General

Target

73706e208adea90275dc55a184c8cc9730dc9d1533de88719090af18b433aa4f
Size

173KB
MD5

965035098b0f5bfde5f1d5a25ba7aad0
SHA1

6fab419cf36ecaecb518c4d2c5ac26d0cb035cdb
SHA256

73706e208adea90275dc55a184c8cc9730dc9d1533de88719090af18b433aa4f
SHA512

060e63732f4596ca050829a5900d8c61ba8afce8a564dcfb4c06b4dee1f0517d2dd64bbc8e691cf9c45d86a7e2aba9c13c88158055b7c17843a22a7041bec8ab
SSDEEP

3072:0eDOrzwr7J5cLDXyA0QodXeujifufj0JOg:0eDOvkvcLDXyVF2fuAJr

Score

N/A

Malware Config

Signatures

Files

73706e208adea90275dc55a184c8cc9730dc9d1533de88719090af18b433aa4f
.dll windows x86

c5682d0c03a7c2f7eac580c463c7ab98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetPrivateProfileIntA
FindClose
FindNextFileA
FindFirstFileA
CreateDirectoryA
DeviceIoControl
Thread32Next
Thread32First
CreateToolhelp32Snapshot
GetModuleHandleA
LoadLibraryA
VirtualQuery
GetCommandLineA
GetFileSize
GetProcAddress
GlobalFree
GlobalReAlloc
GlobalAlloc
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
FreeLibrary
CreateMutexA
TerminateThread
GetCurrentProcess
TerminateProcess
ReadProcessMemory
WriteProcessMemory
OutputDebugStringA
Sleep
IsBadReadPtr
ResumeThread
CreateProcessA
CreateProcessW
IsBadWritePtr
ExitProcess
Process32Next
GetFileAttributesW
VirtualQueryEx
OpenProcess
Process32First
HeapAlloc
GetProcessHeap
HeapFree
GetLastError
GetFileTime
VirtualAllocEx
GetSystemDirectoryA
OpenMutexA
VirtualProtectEx
LeaveCriticalSection
InitializeCriticalSection
GetCurrentProcessId
MultiByteToWideChar
EnterCriticalSection
WinExec
GetTempFileNameA
GetPrivateProfileStringA
MoveFileA
GetTempPathA
GetFileAttributesA
CreateFileA
GetTickCount
WriteFile
CloseHandle
ReadFile
SetFilePointer
DeleteFileA
GetModuleFileNameA
WideCharToMultiByte
CreateThread

user32

SetFocus
FindWindowA
SendMessageA
IsWindow
CreateWindowExA
GetWindowThreadProcessId
CallWindowProcA
GetWindowTextA
wvsprintfA
GetWindowTextW
GetWindowRect
GetDlgItem
GetKeyboardState
MapVirtualKeyA
VkKeyScanA
ToAscii
wsprintfA
CallNextHookEx
UnhookWindowsHookEx
SetWindowTextA
IsWindowVisible
GetDlgCtrlID
GetParent
GetWindow
GetWindowLongA
GetFocus
SetWindowLongA
GetKeyState
GetForegroundWindow
EnumThreadWindows
GetClassNameA
FindWindowExA
SetWindowsHookExA

gdi32

CreateFontA

advapi32

RegCloseKey
RegOpenKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CreateServiceA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
StartServiceA
QueryServiceStatus
ControlService

wininet

InternetCloseHandle
InternetConnectA
HttpQueryInfoA
InternetReadFile
InternetOpenUrlA
InternetOpenA
FtpPutFileA

shlwapi

PathFileExistsA

msvcrt

srand
_i64toa
wcsncpy
wcslen
wcsstr
wcsncat
wcscpy
_strlwr
strncmp
__dllonexit
_onexit
_initterm
_itoa
_adjust_fdiv
_stricmp
_strcmpi
rand
??2@YAPAXI@Z
isalpha
free
memchr
__CxxFrameHandler
isalnum
isdigit
malloc
memmove
sprintf
??3@YAXPAX@Z
atoi
_beginthread
strrchr
atol
strncat
_except_handler3
strchr
strstr
strncpy

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBDI@Z
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Xlen@std@@YAXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z

ws2_32

inet_ntoa
WSAGetLastError
closesocket
recv
send
WSARecv
getpeername
htons
connect

imagehlp

ImageUnload
ImageLoad

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5682d0c03a7c2f7eac580c463c7ab98

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

shlwapi

msvcrt

msvcp60

ws2_32

imagehlp

Sections

.text Size: 134KB - Virtual size: 134KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 1KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 134KB - Virtual size: 134KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 1KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 14KB - Virtual size: 14KB