f37f2fc73ae6b70873ad12399b2d5e8d71827201aa9b6a066602924f4b3fe0b6

General

Target

f37f2fc73ae6b70873ad12399b2d5e8d71827201aa9b6a066602924f4b3fe0b6
Size

65KB
MD5

0bfdd328b9e33ae792551ec4317d97aa
SHA1

21bb608c1c7b9ad7caa1ba356fb778aa3df4f524
SHA256

f37f2fc73ae6b70873ad12399b2d5e8d71827201aa9b6a066602924f4b3fe0b6
SHA512

29a7ce199a57aed83915772b839878f7e2615bfdbfdd6ceabcc16a9e794aadb357eb11425271e13509f60d0e280ec32f1db5273383b79f054ef95cfe8450cb05
SSDEEP

768:DR+WK4NqIa3eXSnskAMmoCeMP/9vAB/D:Dy4NMdabeMP1oB/D

Score

N/A

Malware Config

Signatures

Files

f37f2fc73ae6b70873ad12399b2d5e8d71827201aa9b6a066602924f4b3fe0b6
.dll windows x86

f431412c4603968477961a70cd0ecdbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
VirtualAllocEx
GetProcAddress
GetModuleHandleA
FindClose
FindNextFileA
lstrcpynA
lstrcpyA
lstrcmpA
FindFirstFileA
VirtualProtectEx
LoadLibraryA
Module32Next
Module32First
ReadFile
VirtualFreeEx
CreateRemoteThread
CreateThread
Sleep
WinExec
TerminateProcess
GetCurrentProcess
GetCurrentProcessId
OpenProcess
CreateMutexA
GetLastError
ReleaseMutex
GetSystemDirectoryA
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
lstrlenA
WaitForSingleObject
CreateFileA
WriteFile
CloseHandle
GetTempPathA
GetModuleFileNameA

user32

ToAscii
MapVirtualKeyA
SetThreadDesktop
OpenDesktopA
SetProcessWindowStation
OpenWindowStationA
wsprintfA

advapi32

OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA

shlwapi

StrStrIA

wininet

InternetCloseHandle

msvcrt

??3@YAXPAX@Z
strcmp
_purecall
memcpy
??2@YAPAXI@Z
strstr
strncat
strcat
memset
strcpy
sprintf

Sections

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f431412c4603968477961a70cd0ecdbc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

wininet

msvcrt

Sections

.bss Size: - Virtual size: 18KB

.data Size: 12KB - Virtual size: 11KB

.reloc Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 18KB

.data
Size: 12KB - Virtual size: 11KB

.reloc
Size: 2KB - Virtual size: 1KB