8b9e4cd76c6a274c7377d03e3d9a00ec446623e3a61694d56f68c652efa17f76

Sharing

Copy URL

Twitter E-mail

General

Target

8b9e4cd76c6a274c7377d03e3d9a00ec446623e3a61694d56f68c652efa17f76
Size

65KB
MD5

824fa32cd78f3e836639e552c25203a0
SHA1

97db11cfa2fa5f6af7bc2b6231cf62d9a0cb2105
SHA256

8b9e4cd76c6a274c7377d03e3d9a00ec446623e3a61694d56f68c652efa17f76
SHA512

cdb39f0e29eaaa4b28d9404ea6e6850f9d20f01281f3b40496b58d0a441351603c1e40c8c49f10d38604bfdbe41c1bc6dd33c63386f43d4df92cdb7b8c338796
SSDEEP

768:wCf0PiddPgdCL6RZ70qHUPjIN1GBjG4zDNIHhC+Z7GyxhPBMcxm86I2CgxGOA8wx:7cPMd6ZgPjIN1iG4Xuh53t6JAvX9mfy

Score

N/A

Malware Config

Signatures

Files

8b9e4cd76c6a274c7377d03e3d9a00ec446623e3a61694d56f68c652efa17f76
.dll windows x86

d88884d58fd975e0a6ee7462ac14dbea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
FindClose
FindFirstFileA
OpenProcess
GetTempPathA
GetCurrentProcess
ReleaseMutex
GetLastError
CreateMutexA
Sleep
GetLocalTime
ReadFile
SetFilePointer
IsBadReadPtr
VirtualFree
ReadProcessMemory
VirtualAlloc
VirtualQueryEx
SetThreadPriority
CreateThread
CopyFileA
GetTickCount
GetPrivateProfileStringA
ExitProcess
TerminateProcess
WritePrivateProfileStringA
DeviceIoControl
GetCommandLineA
lstrcmpiA
SetUnhandledExceptionFilter
GetModuleHandleA
LoadLibraryA
GetModuleFileNameA
CreateFileA
GetFileSize
Process32First
Process32Next
HeapAlloc
GetProcessHeap
VirtualProtect
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
OpenThread
GetThreadContext
SetThreadContext
CloseHandle
Thread32Next
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteFileA
AddVectoredExceptionHandler

user32

FindWindowA
GetWindowTextA
GetClassNameA
PostMessageA
IsWindowVisible
GetWindowRect
GetDC
ReleaseDC
GetWindowTextW
GetForegroundWindow
GetClassNameW
GetWindow
wsprintfA
GetDesktopWindow

gdi32

DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
CreateDCA
DeleteDC

advapi32

RegEnumKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

msvcrt

mbstowcs
_strcmpi
wcscat
wcscpy
wcslen
strstr
wcsncat
wcsstr
sscanf
_vsnprintf
rand
srand
strrchr
_strlwr
_strupr
??2@YAPAXI@Z
wcscmp
??3@YAXPAX@Z
memset
memcpy
_except_handler3
strcat
strlen
_itoa
_stricmp
free
malloc
strchr
sprintf
strncpy
isspace
isalnum
atoi
strcpy

wsock32

WSAStartup
closesocket
send
connect
shutdown
socket
recv
htons

gdiplus

GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup

Exports

Exports

pfjaoidjgfdjkj
pfjaoidjglkajd

Sections

.bss
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d88884d58fd975e0a6ee7462ac14dbea

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

wsock32

gdiplus

Exports

Exports

Sections

.bss Size: - Virtual size: 2.0MB

.data Size: 39KB - Virtual size: 38KB

.CRT Size: 512B - Virtual size: 4B

.vmp0 Size: 22KB - Virtual size: 21KB

.reloc Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 2.0MB

.data
Size: 39KB - Virtual size: 38KB

.CRT
Size: 512B - Virtual size: 4B

.vmp0
Size: 22KB - Virtual size: 21KB

.reloc
Size: 2KB - Virtual size: 2KB