f92206742b256113f80e92210a255599c46604a12b174f3aad74cad2724c9eb9

Sharing

Copy URL Twitter E-mail

General

Target

f92206742b256113f80e92210a255599c46604a12b174f3aad74cad2724c9eb9
Size

415KB
MD5

e3bb52681670b5a3d0dcf6929ca6b7d1
SHA1

9980b73a5f706a5861a7ea4669b898b99a79d91b
SHA256

f92206742b256113f80e92210a255599c46604a12b174f3aad74cad2724c9eb9
SHA512

de161ffef0bc841624f8697657f50a098f848c242b6298c7c0ce66082932fd62857775545ce143d4ce017f158df764c30ec78b65bb16410851f1ecea33796cb4
SSDEEP

6144:bowhS0yDxzYOMvtBPpfZNRA9beLCbFRCQFBitv6OGaKu6ejpOXg42ZwnvaH:8whSXto3Pp8emXCTxdd6j2ava

Score

N/A

Malware Config

Signatures

Files

f92206742b256113f80e92210a255599c46604a12b174f3aad74cad2724c9eb9
.dll windows x86

a982a0156f78161688814494d07e12ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
ntohs
getpeername

kernel32

GetCurrentProcessId
VirtualAlloc
VirtualFree
GetProcessWorkingSetSize
SetProcessWorkingSetSize
OpenProcess
CreateThread
SetThreadPriority
ReleaseSemaphore
WaitForMultipleObjects
WaitForSingleObjectEx
CreateEventA
CreateSemaphoreA
VirtualLock
VirtualUnlock
TerminateThread
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
SetEvent
ResetEvent
WaitForSingleObject
Sleep
DeviceIoControl
IsBadReadPtr
GetTickCount
InterlockedIncrement
InterlockedDecrement
InterlockedExchangeAdd
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcess
CompareStringW
GetFileAttributesW
GetVersionExA
HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
GetFileSize
ReadFile
FreeLibrary
GetProcAddress
LoadLibraryW
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
WriteFile
SetEndOfFile
SetFilePointer
VirtualProtect
GetConsoleCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetConsoleMode
LCMapStringW
OutputDebugStringW
DeleteFileA
CreateFileW
CreateFileA
GetSystemDirectoryW
GetSystemDirectoryA
GetLocalTime
CloseHandle
lstrcmpA
InitializeCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
MultiByteToWideChar
PulseEvent
GetLastError
ExitThread
SetUnhandledExceptionFilter
ExitProcess
FlushFileBuffers
ReadConsoleW
GetSystemInfo
WriteConsoleW
SetStdHandle
GetStringTypeW
SetFilePointerEx
RaiseException
LoadLibraryExA
ResumeThread
ReleaseMutex
CreateMutexA
LoadLibraryA
GetSystemTime
SystemTimeToFileTime
GetCommandLineA
RtlUnwind
GetModuleHandleExW
GetStdHandle
GetModuleFileNameW
IsProcessorFeaturePresent
IsDebuggerPresent
SetLastError
GetFileType
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
HeapSize
VirtualQuery
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

user32

EnumThreadWindows
GetParent
GetDesktopWindow
LoadCursorW
SetCursor
wsprintfA
MessageBoxW
wsprintfW
IsWindowVisible

advapi32

StartServiceW
QueryServiceStatus
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
LockServiceDatabase
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ChangeServiceConfigW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
UnlockServiceDatabase

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

Exports

Exports

DeinitServerExtension
GetExtensionName
InitServerExtension
_ReflectiveLoader@0

Sections

.text
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a982a0156f78161688814494d07e12ec

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

ole32

Exports

Exports

Sections

.text Size: 214KB - Virtual size: 213KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 130KB - Virtual size: 153KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 214KB - Virtual size: 213KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 130KB - Virtual size: 153KB

.reloc
Size: 11KB - Virtual size: 11KB