b1db436d540d9efb8f08aeb19242ee121d93743f92c0630ad1caf4160e6c8ab9

Sharing

Copy URL Twitter E-mail

General

Target

b1db436d540d9efb8f08aeb19242ee121d93743f92c0630ad1caf4160e6c8ab9
Size

272KB
MD5

2ffccc098c094d5f5080fe8d45168480
SHA1

5e28104adbf99e682770247e0ba1ee34a952c0fe
SHA256

b1db436d540d9efb8f08aeb19242ee121d93743f92c0630ad1caf4160e6c8ab9
SHA512

dae60cab88da54c4f80af24539cd0b44db28e2dd3756864f23e6795b3670001207f878b571a9c09f5cc78af2f71fb5b8f89e9e4fe5fbd5ed0444c83d4b73eea2
SSDEEP

3072:Unr1fmDdSz46R2BW8/4BpajhGAGWzaFQ4zKamXeoJ1ob3NGYyPjZpEm:or1fmIXR2BZgBqhGAGcuQ4zm1oj2ZpF

Score

N/A

Malware Config

Signatures

Files

b1db436d540d9efb8f08aeb19242ee121d93743f92c0630ad1caf4160e6c8ab9
.dll windows x86

3e944574ddacde6e9676a07ccce23ce2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLocaleInfoW
CreateFileA
LoadLibraryA
ReadFile
SetStdHandle
SetEnvironmentVariableA
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
Sleep
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
RaiseException
HeapFree
GetCommandLineA
GetVersion
HeapAlloc
HeapReAlloc
ExitProcess
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
TerminateProcess
GetCurrentProcess
HeapSize
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
CloseHandle
SetUnhandledExceptionFilter
WriteFile
SetFilePointer
FlushFileBuffers
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetProcAddress
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
SetEndOfFile

ws2_32

recv
send
socket
ioctlsocket
connect
select
getsockopt
closesocket
WSACleanup
WSAStartup
WSAGetLastError
gethostbyname
htonl
ntohl
inet_addr
htons

Exports

Exports

INFOGW_api_req_netbar_lv
INFOGW_api_req_netbar_lv_ext

Sections

.text
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3e944574ddacde6e9676a07ccce23ce2

Headers

File Characteristics

Imports

kernel32

ws2_32

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 148KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 27KB

.reloc Size: 12KB - Virtual size: 11KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 152KB - Virtual size: 148KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 27KB

.reloc
Size: 12KB - Virtual size: 11KB

.rmnet
Size: 60KB - Virtual size: 60KB