749ac95d5c5488a189f87b0fa2cfd3a255c191dd01bbb69b13ef2088655a4150

Sharing

Copy URL Twitter E-mail

General

Target

749ac95d5c5488a189f87b0fa2cfd3a255c191dd01bbb69b13ef2088655a4150
Size

26KB
MD5

0702943aee4b8e1e4d18008a5228efd0
SHA1

f69c963f9d69c7b5f0bca6e04d670cdda2508c97
SHA256

749ac95d5c5488a189f87b0fa2cfd3a255c191dd01bbb69b13ef2088655a4150
SHA512

7124bce5c699ff9d009fe68aaa2744dcbb5f3820c0a5a44ad25edb783264a39428455099f5ad2be01add3d574b97b25ee768a83bce01f7ae5b8b861cd4db84b6
SSDEEP

384:w0XcP0BhnJEuZsg77gkQqzFCGL0w80VphVdeRgOgk:bzBhnJnWg7RdRZ7d/k

Score

N/A

Malware Config

Signatures

Files

749ac95d5c5488a189f87b0fa2cfd3a255c191dd01bbb69b13ef2088655a4150
.dll windows x86

13f90591a9e9fc3b3f27fa2de8e5ae08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strncpy
rand
atoi
fmod
sscanf
mktime
fseek
fread
fclose
strrchr
malloc
wcscmp
_strrev
memcpy
_getpid
_strlwr
_stricmp
_beginthreadex
__CxxFrameHandler
abs
strcmp
sprintf
strstr
strcat
fopen
fgets
strcpy
memset
strchr
__dllonexit
_onexit
free
_initterm
_adjust_fdiv
strlen
??2@YAPAXI@Z
??3@YAXPAX@Z

kernel32

CopyFileA
GetTempPathA
GetPrivateProfileStringA
WaitForSingleObject
GetFileSize
VirtualProtect
GetFileAttributesA
MoveFileExA
GetTimeZoneInformation
GetModuleFileNameA
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
GetCurrentDirectoryA
Sleep
CloseHandle
CreateThread
IsBadReadPtr
MultiByteToWideChar
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
OutputDebugStringA

user32

GetClientRect
CallWindowProcA
GetClassNameA
EnumWindows
ReleaseDC
GetWindowRect
GetWindowTextA
SetWindowLongA
RegisterShellHookWindow
RegisterWindowMessageA
GetDC
GetParent
GetWindowThreadProcessId
GetDesktopWindow

msvcp60

??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1_Winit@std@@QAE@XZ

netapi32

Netbios

ws2_32

closesocket
send
gethostbyname
inet_ntoa
WSAStartup
WSACleanup
connect
recv
htons
inet_addr
socket

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

gdi32

SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
BitBlt
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectA
DeleteDC
GetDeviceCaps
CreateDCA

gdiplus

GdipGetImageEncodersSize
GdipFree
GdipAlloc
GdipCloneImage
GdipGetImageEncoders
GdiplusStartup
GdipLoadImageFromFile
GdipDisposeImage
GdipSaveImageToFile

Exports

Exports

DelSelf
KsCreateAllocator
KsCreatePin
KsCreateTopologyNode

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 642KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.muma
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13f90591a9e9fc3b3f27fa2de8e5ae08

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

msvcp60

netapi32

ws2_32

wininet

gdi32

gdiplus

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 642KB

.muma Size: 512B - Virtual size: 4B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 642KB

.muma
Size: 512B - Virtual size: 4B

.reloc
Size: 3KB - Virtual size: 3KB