0f0ffe0dfe77c8294bbd3355fe7849951f57ee678464e895f1005d3c90f84c0d

Sharing

Copy URL

Twitter E-mail

General

Target

0f0ffe0dfe77c8294bbd3355fe7849951f57ee678464e895f1005d3c90f84c0d
Size

57KB
MD5

1309bba2afbd70661c6817d0cb5f5a70
SHA1

2ee219138116db1bf8d6a4f6c6531701922871d7
SHA256

0f0ffe0dfe77c8294bbd3355fe7849951f57ee678464e895f1005d3c90f84c0d
SHA512

e059120741a74471042baa87fba019f93806d602a46284f48b64ec772f775a0bac68f94b2e9ee039f727765a68828aa3d077d242ce7174a647f7e50388e1ec96
SSDEEP

384:kERY++H25c/JXzYKUY3R/onoKCAJKOppWY/O7WmfS6eWEYj2cxTcbhyhCpXrfMKY:ncxTSbvkboZWLgVFU9wFnOh8kUomcxT

Score

N/A

Malware Config

Signatures

Files

0f0ffe0dfe77c8294bbd3355fe7849951f57ee678464e895f1005d3c90f84c0d
.dll windows x86

e27bee07adc86703529575fd250dec6f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
TerminateProcess
OpenProcess
GetCurrentThreadId
OpenEventA
CreateEventA
GetModuleFileNameA
DeviceIoControl
DeleteFileA
GetCPInfoExA
GetACP
TerminateThread
ExitProcess
ExitThread
DisableThreadLibraryCalls
GetModuleHandleA
GetCurrentProcess
GetLastError
VerLanguageNameA
LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc
CreateThread
Sleep
GetTempPathA
CreateFileA
WriteFile
CreateProcessA
GetLocalTime
GetTickCount
CreateToolhelp32Snapshot
VerLanguageNameW
Process32First
Process32Next
CloseHandle

user32

GetWindowTextA
GetMessageA
GetWindowThreadProcessId
DispatchMessageW
PostThreadMessageA
PostMessageA
EnumWindows
GetInputState
wsprintfA

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
ControlService
OpenServiceA
DeleteService
OpenSCManagerA
RegFlushKey

msvcrt

memset
_strlwr
strrchr
strstr
__CxxFrameHandler
time
srand
memcpy
sprintf
strcpy
strcat
strlen
??3@YAXPAX@Z

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueIndexA
VerQueryValueIndexW
VerQueryValueW

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e27bee07adc86703529575fd250dec6f

Headers

File Characteristics

Imports

kernel32

user32

wininet

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 33KB

.code Size: 1024B - Virtual size: 684B

.pata Size: 4KB - Virtual size: 4KB

.uata Size: 4KB - Virtual size: 4KB

.rata Size: 4KB - Virtual size: 4KB

.zata Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 34KB - Virtual size: 33KB

.code
Size: 1024B - Virtual size: 684B

.pata
Size: 4KB - Virtual size: 4KB

.uata
Size: 4KB - Virtual size: 4KB

.rata
Size: 4KB - Virtual size: 4KB

.zata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 2KB