c029afd1b292ca72e3a9c514c1d75a211e7b17bd7c76bd3ed5bc506f1fd660c9

Sharing

Copy URL

Twitter E-mail

General

Target

c029afd1b292ca72e3a9c514c1d75a211e7b17bd7c76bd3ed5bc506f1fd660c9
Size

42KB
MD5

0de4757e1a14461cf9b5f4a2f11e7d6b
SHA1

7b1ac3ed259fa530c6a6b311517e0fa31da5dad4
SHA256

c029afd1b292ca72e3a9c514c1d75a211e7b17bd7c76bd3ed5bc506f1fd660c9
SHA512

83a00ad111a7be4ba2df67ca849618a4caf948301146a95a21eda2e1560e6194ef35571f03701390e32356bfa668ab952807ceae80208193d1098985e562700b
SSDEEP

768:7iODp22Zb9q8U1ewb6x1U8UfbMGKSbPwh1WDqUVyqK+GSvWBu:7iI22Z+0wb6x1YchlU4HS8u

Score

N/A

Malware Config

Signatures

Files

c029afd1b292ca72e3a9c514c1d75a211e7b17bd7c76bd3ed5bc506f1fd660c9
.dll windows x86

7bce471e7ee4acb3a23613f84feeb8f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
VirtualProtect
FlushInstructionCache
Thread32Next
SetThreadContext
GetThreadContext
OpenThread
GetCurrentProcessId
Thread32First
CreateToolhelp32Snapshot
GetProcessHeap
HeapAlloc
GetLastError
LeaveCriticalSection
lstrcatA
GetTickCount
FindClose
FindFirstFileA
GetTempPathA
ReleaseMutex
CreateMutexA
lstrcpynA
ReadProcessMemory
SetThreadPriority
DeviceIoControl
TerminateThread
IsBadReadPtr
InitializeCriticalSection
AddVectoredExceptionHandler
GetModuleHandleA
CreateFileA
ReadFile
CloseHandle
GetFileSize
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetCurrentProcess
TerminateProcess
CreateThread
Sleep
WideCharToMultiByte
GetCommandLineA

user32

GetForegroundWindow
wsprintfA
GetClassNameW
GetWindow

gdi32

GetDeviceCaps
CreateCompatibleDC
DeleteDC
DeleteObject
BitBlt
SelectObject
CreateDCA
CreateCompatibleBitmap

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA

msvcrt

_onexit
__dllonexit
exit
wcsstr
_strcmpi
_strupr
_strdup
memset
strcpy
sprintf
atoi
strstr
memcpy
strlen
strncpy
??2@YAPAXI@Z
_stricmp
strcat
strrchr
free
malloc
??3@YAXPAX@Z
_except_handler3
wcscat
wcscpy
wcslen
isspace
isalnum
strchr
_vsnprintf
realloc
isdigit
isalpha
wcscmp
mbstowcs
_strlwr
wcsncat

gdiplus

GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

wsock32

gethostbyname
closesocket
recv
connect
htons
socket
WSAStartup
shutdown
send

Sections

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bce471e7ee4acb3a23613f84feeb8f4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

gdiplus

msvcp60

wsock32

Sections

.bss Size: - Virtual size: 2KB

.data Size: 37KB - Virtual size: 37KB

.CRT Size: 512B - Virtual size: 8B

.reloc Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 2KB

.data
Size: 37KB - Virtual size: 37KB

.CRT
Size: 512B - Virtual size: 8B

.reloc
Size: 3KB - Virtual size: 2KB