020356457e95f7607c1941e03294b4c16e23daa402d7e79cfd2ba91b23969480_unpacked

Sharing

Copy URL Twitter E-mail

General

Target

020356457e95f7607c1941e03294b4c16e23daa402d7e79cfd2ba91b23969480_unpacked
Size

148KB
MD5

cc5f35fda06d6ec7b56de705418f956b
SHA1

0b0958db02b63b55fe56ae69a23954fd04ec4d0c
SHA256

470e9d3ed6aeb1c6851aae5c578df887b5ff7e6eeb56113b93670739155b5b56
SHA512

a52b5f8656b846f52f0047f9bc4396b14cf71ff8c490e6d3501a42791ae99d6c33a8320efe568c88c8bc2cd90a5fab9288f1d5f67eccc69f10a2a64c650cbace
SSDEEP

3072:VP6m4NM/D1zROoSLAKnUsFa9pLymEEunxX/vxj1YRS9+:VPR4N4D1ROo6Uq+LNjWZj2RS0

Score

N/A

Malware Config

Signatures

Files

020356457e95f7607c1941e03294b4c16e23daa402d7e79cfd2ba91b23969480_unpacked
.dll windows x86

57ceb5fd5985edf60084ff1bd11e9217

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dnsapi

DnsQuery_A
DnsRecordListFree

ws2_32

ioctlsocket
connect
listen
bind
htons
WSACleanup
setsockopt
gethostbyaddr
htonl
gethostbyname
ntohs
getsockname
send
recv
select
__WSAFDIsSet
WSAGetLastError
closesocket
socket
WSAIoctl
inet_addr
inet_ntoa
WSAStartup

shell32

SHGetFolderPathA
SHGetFolderPathW

shlwapi

StrCmpNIA
PathCombineW
PathCombineA
wvnsprintfA
StrCmpNA
PathMatchSpecA

ole32

CoTaskMemFree
CoCreateInstance
CoInitialize
CoInitializeSecurity
CoInitializeEx
CoUninitialize

kernel32

lstrcmpW
GetFileSize
SetFileAttributesW
DeleteFileW
SetFileAttributesA
GetExitCodeProcess
LocalAlloc
LocalFree
SetFilePointer
HeapFree
HeapAlloc
HeapCreate
GetVersionExA
GetWindowsDirectoryA
SetEnvironmentVariableA
FreeLibrary
GetSystemTime
SystemTimeToFileTime
lstrlenA
SleepEx
CreateEventA
GetCurrentProcessId
WaitForSingleObject
SetThreadPriority
GetCurrentThread
WideCharToMultiByte
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateMutexA
lstrcmpA
lstrcatA
lstrcpyA
FlushFileBuffers
WriteFile
SetNamedPipeHandleState
CreateFileA
IsBadReadPtr
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
SetLastError
GetLastError
CloseHandle
CreateThread
GetCommandLineA
Sleep
Thread32Next
Thread32First
SetThreadContext
GetThreadContext
GetPrivateProfileStringW
GetPrivateProfileIntW
GetFileAttributesW
CreateFileW
SuspendThread
ResumeThread
LoadResource
SizeofResource
FindResourceA
lstrlenW
SetEvent
GetTickCount
ReleaseMutex
DuplicateHandle
GetCurrentProcess
TerminateThread
MoveFileA
MoveFileExA
GetEnvironmentVariableA
ResetEvent
GlobalFree
GlobalAlloc
CopyFileA
WaitForMultipleObjects
GetComputerNameA
DisconnectNamedPipe
ReadFile
ConnectNamedPipe
CreateNamedPipeA
TerminateProcess
GetLocalTime
GetFileSizeEx
GetCurrentThreadId
LoadLibraryA
DeleteFileA
CreateDirectoryA
MultiByteToWideChar
lstrcmpiA

user32

IsCharAlphaNumericA
FindWindowA
PostMessageA
GetKeyboardState
ToAscii

advapi32

GetSidSubAuthorityCount
RegCloseKey
RegQueryInfoKeyA
AllocateAndInitializeSid
SetEntriesInAclA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityInfo
RegEnumKeyExA
GetSidSubAuthority
EqualSid
GetTokenInformation
OpenThreadToken
OpenProcessToken
LookupAccountSidA
RegOpenKeyExA

oleaut32

SysFreeString
VariantClear
VariantInit

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57ceb5fd5985edf60084ff1bd11e9217

Headers

DLL Characteristics

File Characteristics

Imports

dnsapi

ws2_32

shell32

shlwapi

ole32

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 4KB - Virtual size: 94KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 4KB - Virtual size: 94KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 7KB - Virtual size: 6KB