f9652d9e5c9188a2a7cf85a7d6e619771df321d517173f1149cc1afdb3af8e91

Sharing

Copy URL

Twitter E-mail

General

Target

f9652d9e5c9188a2a7cf85a7d6e619771df321d517173f1149cc1afdb3af8e91
Size

935KB
MD5

0f235beb9d7f7eef23bf5a7928ef7c80
SHA1

a275882636a82eb52076c9a5a4d6992657b56232
SHA256

f9652d9e5c9188a2a7cf85a7d6e619771df321d517173f1149cc1afdb3af8e91
SHA512

a211293d788855b892b7b129529c8db0eeae030977b4786d0e71bd89da5a251906cd2f13e8d357f78bed2db3ed0deb8134ccbd842e9d1c7fbc9374e4bf7eb05b
SSDEEP

24576:8QHufYTyUX2XuCZR/sRSTrcOyTVa7mY1NxfGnMuO4VBVFw1yvR:X2eCZR/3TY3R3Hn86VAy5

Score

N/A

Malware Config

Signatures

Files

f9652d9e5c9188a2a7cf85a7d6e619771df321d517173f1149cc1afdb3af8e91
.dll windows x86

895458cf0da26dadce313116102d85cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
Process32First
GetSystemInfo
GetTickCount
OpenProcess
Process32Next
CreateToolhelp32Snapshot
Module32First
Module32Next
GetLastError
GetCurrentProcess
GetModuleFileNameA
GetProcAddress
CreateThread
CloseHandle
VirtualFree
GetVersionExA
GetModuleHandleA
LoadLibraryA
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
OutputDebugStringA
SetLastError
DeviceIoControl
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
SetFileAttributesA
WriteProcessMemory
CreateEventA
GetCurrentThreadId
TerminateThread
CreateMutexA
WaitForSingleObject
ReleaseMutex
Sleep
CopyFileA
CreateFileA
GetSystemDirectoryA
ReadFile

user32

AttachThreadInput
GetGUIThreadInfo
MapVirtualKeyA
SwapMouseButton
ScreenToClient
WindowFromPoint
GetCursorPos
GetDoubleClickTime
GetAncestor
keybd_event
SetTimer
KillTimer
GetKeyboardState
GetKeyState
ToAscii
GetForegroundWindow
GetWindowThreadProcessId
GetFocus

ws2_32

htonl
ntohl
htons
ntohs

advapi32

CloseServiceHandle
OpenSCManagerA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
StartServiceA
CreateServiceA
ControlService
DeleteService
OpenServiceA

ole32

CoCreateGuid

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

msvcrt

memmove
__dllonexit
strstr
_getpid
free
malloc
strrchr
fopen
fseek
ftell
fread
fclose
_purecall
strncat
_except_handler3
strncpy
time
srand
rand
_getcwd
_itoa
_mbsnbcpy
_mbsnbcat
memset
memcpy
_EH_prolog
_stricmp
_memicmp
__CxxFrameHandler
_snprintf
_onexit
??2@YAPAXI@Z

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

ShellExecuteA

Exports

Exports

CreateObj

Sections

.text
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.txt$0
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt$1
Size: 505KB - Virtual size: 505KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

895458cf0da26dadce313116102d85cb

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

ole32

msvcp60

msvcrt

version

shell32

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 260KB

.rdata Size: 66KB - Virtual size: 66KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 944B

.txt$0 Size: 16KB - Virtual size: 15KB

.txt$1 Size: 505KB - Virtual size: 505KB

.reloc Size: 8KB - Virtual size: 7KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 260KB - Virtual size: 260KB

.rdata
Size: 66KB - Virtual size: 66KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 944B

.txt$0
Size: 16KB - Virtual size: 15KB

.txt$1
Size: 505KB - Virtual size: 505KB

.reloc
Size: 8KB - Virtual size: 7KB

.rmnet
Size: 56KB - Virtual size: 60KB