f2921d71009c502ad4b5c82392f063446190c4b9cf7c7992c118db6e0382a1fe

Sharing

Copy URL Twitter E-mail

General

Target

f2921d71009c502ad4b5c82392f063446190c4b9cf7c7992c118db6e0382a1fe
Size

248KB
MD5

008a7de12bf48d4d692688fb8669529b
SHA1

48ed7f08d3e65cc2d8377d45e1cb2b78f12c4a68
SHA256

f2921d71009c502ad4b5c82392f063446190c4b9cf7c7992c118db6e0382a1fe
SHA512

cb4b816422b2c1448cc2858dbeb48bbcf2a724ff54d367ce40d4618b65508ae2fea3ce1ebd01e3db4f3240eafb349b7a8b66044f69e66c6377b2627bdcebf083
SSDEEP

6144:3EvIh9NPrTAk2rUSA6uugqWZaN+e/HxToE5/mlspO:kIh9N/G3A6uugqWZaN+e/HxToE5/mB

Score

N/A

Malware Config

Signatures

Files

f2921d71009c502ad4b5c82392f063446190c4b9cf7c7992c118db6e0382a1fe
.dll windows x86

a3c0351a0217b9ef3cadb23f89e1c325

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetQueryDataAvailable
DeleteUrlCacheEntry
InternetSetFilePointer
InternetOpenUrlA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA

kernel32

LCMapStringA
GetCurrentProcessId
Sleep
GetSystemDirectoryA
CloseHandle
lstrlenA
CreateProcessA
LoadResource
LockResource
SizeofResource
FindResourceA
FindResourceExA
GetLastError
GetProcAddress
CompareStringA
InterlockedExchange
LoadLibraryA
FreeLibrary
CompareStringW
GetVersionExA
WaitForSingleObject
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryW
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
SetEndOfFile
ReadFile
FlushFileBuffers
SetEnvironmentVariableA
HeapReAlloc
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
HeapDestroy
HeapAlloc
HeapFree
CreateFileA
HeapSize
GetProcessHeap
GetACP
GetLocaleInfoA
GetThreadLocale
WriteFile
GetConsoleCP
GetConsoleMode
DeleteFileA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
RtlUnwind
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetStdHandle
GetCPInfo
GetOEMCP
IsValidCodePage
GetModuleFileNameA
HeapCreate
VirtualFree
ExitProcess
GetTimeZoneInformation
LCMapStringW

user32

UnregisterClassA

advapi32

RegQueryValueExA
SetServiceStatus
RegCreateKeyExA
RegisterServiceCtrlHandlerExA
StartServiceCtrlDispatcherA
RegCloseKey
RegSetValueExA

Exports

Exports

ServiceMain
_HandlerEx@16

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3c0351a0217b9ef3cadb23f89e1c325

Headers

File Characteristics

Imports

wininet

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 157KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 160KB - Virtual size: 157KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 20KB - Virtual size: 17KB