7fb1664da6247b7d37ffd2f8a5c8151ca5e93733732647804e383f670113088a_dump7_0x00400000

Sharing

Copy URL Twitter E-mail

General

Target

7fb1664da6247b7d37ffd2f8a5c8151ca5e93733732647804e383f670113088a_dump7_0x00400000
Size

132KB
MD5

99440f4e89f018d32cabb6b1eba0d0d9
SHA1

9a2f86d0e30f2d1faf6afa8127e8afab35980168
SHA256

c8fa09ebcc99778f406ba819df5e4c22c40d64c05567e57954d973077efee02b
SHA512

2d86ff76a7b80253ee64f8a4e097cb292362da13581a97c8864d807a83a9610923e48b1836ee5301611afedc1e7769f6b93cb8a232bb5fc466deaf76918c13c8
SSDEEP

768:Ar5bgDD5bkaiJ2XWMJnsi7/peaf1s2P522seV/d53cHrSK+9x0E3j:wiJbhiJfMxsYRbC2hVFF9KWx0O

Score

N/A

Malware Config

Signatures

Files

7fb1664da6247b7d37ffd2f8a5c8151ca5e93733732647804e383f670113088a_dump7_0x00400000
.exe windows x86

52cdc3af6ca4cd72c0b0e9951a5a1b22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strcmp
memset
strstr
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
fclose
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
malloc
strlen
strncmp
memmove
strncpy
_snprintf
strtok
atoi
strchr
srand
fgets
rand
sprintf
strcpy
strcat
fopen
feof
fprintf
fscanf

ws2_32

select
WSAStartup
gethostbyname
getnameinfo
closesocket
send
WSACleanup
htons
socket
connect
recv
inet_addr

urlmon

URLDownloadToFileA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

dnsapi

DnsFree
DnsQuery_A

shlwapi

PathFindFileNameA
PathFileExistsA

kernel32

GetModuleFileNameA
ExpandEnvironmentStringsA
CreateDirectoryA
CopyFileA
SetFileAttributesA
lstrcpyA
WriteFile
ExitProcess
GetTempPathA
GetModuleHandleA
GetTickCount
ExitThread
lstrlenA
Sleep
CreateFileA
DeviceIoControl
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLocalTime
GetLastError
DeleteFileA
CreateMutexA
CreateProcessA
GetLocaleInfoA
GetVersionExA
TerminateThread
WaitForSingleObject
CreateThread
ReadFile
SetFilePointer
GetFileSize
GetSystemTime
GetStartupInfoA
GetTimeZoneInformation
CloseHandle

user32

wsprintfA
CharLowerBuffA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey

shell32

ord680
SHGetFolderPathA
ShellExecuteA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

NULL
Size: - Virtual size: 836KB

IMAGE_SCN_MEM_DISCARDABLE

Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NULL
Size: - Virtual size: 252KB

IMAGE_SCN_MEM_DISCARDABLE

Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52cdc3af6ca4cd72c0b0e9951a5a1b22

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ws2_32

urlmon

wininet

dnsapi

shlwapi

kernel32

user32

advapi32

shell32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

NULL Size: - Virtual size: 836KB

Size: 40KB - Virtual size: 40KB

NULL Size: - Virtual size: 252KB

Size: 28KB - Virtual size: 28KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB

NULL
Size: - Virtual size: 836KB

NULL
Size: - Virtual size: 252KB