511079c75750100dc43d3bd9e23ed74348d2cafdded37e56c0aff324a1941d2c

General

Target

511079c75750100dc43d3bd9e23ed74348d2cafdded37e56c0aff324a1941d2c
Size

90KB
MD5

20bbe3378e84aeee8506405d5de20ce5
SHA1

a4e2e6814f45ceb7f2edfb12ec1a34a697d38c18
SHA256

511079c75750100dc43d3bd9e23ed74348d2cafdded37e56c0aff324a1941d2c
SHA512

41d7bf7275a72f37c908fc3d8c2fa2912432e67a19ae799d842c4432c60da90a03e82ad31f09b46242c68138d01e05c0e6fd4a8cca681b71329767117315f2aa
SSDEEP

384:sfK3MbibpMRGrP+hZybZ4Vln9WtAn+Km80:sHbcpMR+pbZc9WtMe1

Score

N/A

Malware Config

Signatures

Files

511079c75750100dc43d3bd9e23ed74348d2cafdded37e56c0aff324a1941d2c
.dll windows x86

93ec0f815bb36588ce88fa775836eb18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
GetWindowsDirectoryA
GetProcAddress
Sleep
CreateFileA
lstrcatA
ReadFile
GetCurrentProcessId
GetModuleHandleA
LocalAlloc
GetModuleFileNameA
CreateThread
GetPrivateProfileStringA
Module32Next
Module32First
lstrlenW
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
ReadProcessMemory
OpenProcess
VirtualProtectEx
VirtualProtect
WriteProcessMemory
CreateToolhelp32Snapshot
CloseHandle

user32

wsprintfA

advapi32

CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext

shlwapi

StrStrIA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

strncat
__CxxFrameHandler
_except_handler3
strrchr
_purecall
isprint
_itoa
strstr
??2@YAPAXI@Z
??3@YAXPAX@Z

Exports

Exports

comonbabyouyes
comonbabyouyesDrawTextEx
comonbabyouyesEditControl
comonbabyouyesExtTextOut
comonbabyouyesGetCharacterPlacement
comonbabyouyesGetTextExtentExPoint
comonbabyouyesPSMTextOut

Sections

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shard
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93ec0f815bb36588ce88fa775836eb18

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

wininet

msvcrt

Exports

Exports

Sections

.bss Size: - Virtual size: 16KB

.data Size: 18KB - Virtual size: 18KB

shard Size: 12KB - Virtual size: 11KB

.reloc Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 16KB

.data
Size: 18KB - Virtual size: 18KB

shard
Size: 12KB - Virtual size: 11KB

.reloc
Size: 2KB - Virtual size: 1KB