59df10ff473a861d5d430611a36e188cb4127d4a55574baca23fac867dc90efc

Sharing

Copy URL Twitter E-mail

General

Target

59df10ff473a861d5d430611a36e188cb4127d4a55574baca23fac867dc90efc
Size

61KB
MD5

121d7ee30612f4db92312fa00be127dd
SHA1

8349221667903b21517a83484ed85d19f81757bd
SHA256

59df10ff473a861d5d430611a36e188cb4127d4a55574baca23fac867dc90efc
SHA512

b08c6c54e19bdf1023c9d270a0d525ff3cb41ac6a7ce1b75c262dc03f8267303a19140ba76e848c0aaff0dde57415b24af9500504bc1327dc9e8467d50f91c46
SSDEEP

768:OTQTMUN2KKY3PVLNRSmZ8zE0Yv7Xvo/BGcTRm3zf7UM49gKac+xPkB:OYKShLVZ8g/7Xvncaf7UM4KRcP

Score

N/A

Malware Config

Signatures

Files

59df10ff473a861d5d430611a36e188cb4127d4a55574baca23fac867dc90efc
.dll windows x86

27d5e55d700897c503fe13d51f46fcc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
CloseHandle
WaitForSingleObject
WideCharToMultiByte
ResetEvent
GetProcAddress
LoadLibraryW
SetEvent
InterlockedExchange
CancelIo
Sleep
DeleteFileW
GetLastError
CreateDirectoryW
GetFileAttributesW
lstrcpyW
lstrlenW
GetDriveTypeW
GetDiskFreeSpaceExW
GetVolumeInformationW
GetLogicalDriveStringsW
FindClose
LocalFree
FindNextFileW
DisableThreadLibraryCalls
FindFirstFileW
LocalAlloc
RemoveDirectoryW
GetFileSize
CreateFileW
ReadFile
SetFilePointer
WriteFile
MoveFileW
FileTimeToSystemTime
TerminateThread
GetCurrentThreadId
GetComputerNameW
GlobalMemoryStatus
GetVersionExW
ReleaseMutex
CreateMutexW
GetTempPathW
SetErrorMode
GetTickCount
OpenEventW
GetPrivateProfileStringW
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
LocalReAlloc

user32

CharNextW
GetUserObjectInformationW
SetThreadDesktop
OpenDesktopW
OpenInputDesktop
CloseDesktop
wsprintfW
GetThreadDesktop

advapi32

RegCreateKeyW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegCloseKey

shell32

SHGetFolderPathW
SHGetFileInfoW
ShellExecuteW

msvcrt

_adjust_fdiv
_initterm
_onexit
__dllonexit
??3@YAXPAX@Z
memcpy
memmove
ceil
_ftol
strlen
strstr
_beginthreadex
__CxxFrameHandler
memset
??2@YAPAXI@Z
memcmp
_CxxThrowException
free
malloc
_except_handler3
wcsrchr
wcscmp
wcslen
wcscat
wcscpy
wcsstr
_close
_write
_read
_lseek
_filelength
_wopen
_wtoi
calloc
??1type_info@@UAE@XZ

ws2_32

socket
select
closesocket
send
getsockname
gethostbyname
htons
connect
setsockopt
WSAIoctl
WSACleanup
WSAStartup
recv

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

mpr

WNetGetUserW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.scode
Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27d5e55d700897c503fe13d51f46fcc3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

ws2_32

msvcp60

mpr

Sections

.text Size: 44KB - Virtual size: 43KB

.scode Size: 512B - Virtual size: 38B

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 43KB

.scode
Size: 512B - Virtual size: 38B

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB