2752b1c5a1013f16a12e78b08b50cca718fa1c42a9e251d4c315538e677828b5

Sharing

Copy URL

Twitter E-mail

General

Target

2752b1c5a1013f16a12e78b08b50cca718fa1c42a9e251d4c315538e677828b5
Size

172KB
MD5

4af46397480137670cc8ee73f26f25d0
SHA1

0f93ea4069a050b498a86dd514c04f528caaeb2b
SHA256

2752b1c5a1013f16a12e78b08b50cca718fa1c42a9e251d4c315538e677828b5
SHA512

435cc27a68368d4926774ef26c8124c0e929e24d2fd10244fb7041e619527b94ac980d358755f9b6f6b72ea2927663709d8437791bd0b65717f9edb6c3d9ef48
SSDEEP

3072:4lWDazDEZhAtehY+GgDr+KWF7heAvb+tKlG+hVLk/Nf2QqoI4XfYDjas4:1azDED7hIiqKAheAj+tKlGAeN+mI4vY8

Score

N/A

Malware Config

Signatures

Files

2752b1c5a1013f16a12e78b08b50cca718fa1c42a9e251d4c315538e677828b5
.dll windows x86

04514741e3e8540e2b7ac99cf8748884

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
lstrcatA
lstrcpyA
FreeLibrary
lstrcmpA
DeleteFileA
lstrcmpiA
HeapFree
VirtualAlloc
GlobalUnlock
GetTickCount
LocalSize
LocalAlloc
TerminateProcess
GetCurrentThreadId
CreateToolhelp32Snapshot
GetSystemInfo
OpenEventA
CopyFileA
CreateFileA
Sleep
CloseHandle
LoadLibraryA
LocalFree
GetProcAddress

user32

EmptyClipboard
OpenClipboard
CloseClipboard
GetSystemMetrics
SetRect
ReleaseDC
SendMessageA
IsWindow
CreateWindowExA
wsprintfA

advapi32

LsaClose
LsaOpenPolicy
LsaFreeMemory
LsaRetrievePrivateData

shell32

SHGetSpecialFolderPathA

msvcrt

??2@YAPAXI@Z
__CxxFrameHandler
_CxxThrowException
??3@YAXPAX@Z
puts
memmove
ceil
_ftol
strstr
rand
sprintf
strncpy
strchr
malloc
free
_except_handler3
strncat
_beginthreadex
atoi
wcstombs
srand
calloc
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
_stricmp

ws2_32

htonl
getsockname
sendto
WSAStartup
setsockopt
connect
inet_addr
send
closesocket
select
recv
socket
gethostbyname
htons
WSACleanup

msvcp60

?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

wtsapi32

WTSQuerySessionInformationA
WTSFreeMemory

Exports

Exports

ServiceMain

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04514741e3e8540e2b7ac99cf8748884

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

ws2_32

msvcp60

wtsapi32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 130KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 132KB - Virtual size: 130KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 5KB