56ab07240d746230de70db9ae5c801c1b9a1e8b9880fbd1b5e686f4aa585c882

Sharing

Copy URL

Twitter E-mail

General

Target

56ab07240d746230de70db9ae5c801c1b9a1e8b9880fbd1b5e686f4aa585c882
Size

57KB
MD5

931a85f96f68b394c8bf5d58ebdb45b1
SHA1

bfcd95d83a11c2de91c0f7832a47b20751372d4d
SHA256

56ab07240d746230de70db9ae5c801c1b9a1e8b9880fbd1b5e686f4aa585c882
SHA512

98a69cc5e947884430a14cd3006cd3d27fb41d7fc333d877984798a6f25e1742d77928f0817ba9ac615696788af8ecc790fc61a8762b2fc010a3cfe9d184e3b1
SSDEEP

768:xcxTSIVd3L2LQF10dwJVnO0NkYEmcxTK:xcxTSaYA0dAR1EmcxT

Score

N/A

Malware Config

Signatures

Files

56ab07240d746230de70db9ae5c801c1b9a1e8b9880fbd1b5e686f4aa585c882
.dll windows x86

af3dcb79b4a9b2c9060541854cf32fa4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
CreateEventA
GetModuleFileNameA
DeviceIoControl
DeleteFileA
GetCPInfoExA
GetACP
TerminateThread
ExitProcess
ExitThread
DisableThreadLibraryCalls
GetCurrentThreadId
GetCurrentProcess
GetLastError
VerLanguageNameA
OpenProcess
TerminateProcess
GetSystemDirectoryA
GetModuleHandleA
LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc
CreateThread
Sleep
GetTempPathA
CreateFileA
WriteFile
CreateProcessA
GetLocalTime
GetTickCount
VerLanguageNameW
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle

user32

EnumWindows
PostThreadMessageA
PostMessageA
GetWindowThreadProcessId
GetCursor
GetInputState
GetWindowTextA
GetMessageA
DispatchMessageW
wsprintfA

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA

gdi32

GetPixel
GetBkMode
GetBkColor

advapi32

AdjustTokenPrivileges
RegCloseKey
RegFlushKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
ControlService
OpenServiceA
DeleteService
OpenSCManagerA

msvcrt

memset
_strlwr
strrchr
strstr
__CxxFrameHandler
time
srand
memcpy
sprintf
strcpy
strcat
strlen
??3@YAXPAX@Z

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueIndexA
VerQueryValueIndexW
VerQueryValueW

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1024B - Virtual size: 731B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af3dcb79b4a9b2c9060541854cf32fa4

Headers

File Characteristics

Imports

kernel32

user32

wininet

gdi32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 33KB

.code Size: 1024B - Virtual size: 731B

.pata Size: 4KB - Virtual size: 4KB

.uata Size: 4KB - Virtual size: 4KB

.rata Size: 4KB - Virtual size: 4KB

.zata Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 34KB - Virtual size: 33KB

.code
Size: 1024B - Virtual size: 731B

.pata
Size: 4KB - Virtual size: 4KB

.uata
Size: 4KB - Virtual size: 4KB

.rata
Size: 4KB - Virtual size: 4KB

.zata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB