394b6d6c8b5602f907dd1baddbc6557f64d41ba1f2947cb47129757b6cce3df1

Sharing

Copy URL Twitter E-mail

General

Target

394b6d6c8b5602f907dd1baddbc6557f64d41ba1f2947cb47129757b6cce3df1
Size

769KB
MD5

18dce58a8d103f9192b9c9e0ad93ec60
SHA1

7f81a348de57286aa4d830646eb9d60813bb8589
SHA256

394b6d6c8b5602f907dd1baddbc6557f64d41ba1f2947cb47129757b6cce3df1
SHA512

7b59cc62eaefcbeb6db9f0351eb531ed10c7dc0cf1bb52174f013193aed753b06193876885d586961e47d3584e9ee65f0d9b3c89a86f0b24b73805a905badaaa
SSDEEP

24576:EPWuhs1agqSL+Wphu1WgkbblL+63ahiMG:IW6s1agqz31WHlL+Sa

Score

N/A

Malware Config

Signatures

Files

394b6d6c8b5602f907dd1baddbc6557f64d41ba1f2947cb47129757b6cce3df1
.dll windows x86

e22d61a604dcbd5204af5fa3247db131

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
Sleep
WaitForMultipleObjects
CreatePipe
CreateProcessA
InterlockedDecrement
lstrlenA
FindResourceA
LoadResource
SizeofResource
LockResource
CopyFileA
WideCharToMultiByte
GetModuleFileNameA
GetPrivateProfileIntA
CreateSemaphoreA
InitializeCriticalSection
DeleteCriticalSection
GetWindowsDirectoryA
lstrcmpiA
GlobalAlloc
GlobalFree
lstrcatA
LoadLibraryA
GetProcAddress
GetCurrentDirectoryA
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
lstrcmpA
InterlockedIncrement
GetCurrentProcess
LocalFree
WriteFile
GetTickCount
CompareStringW
CompareStringA
GetProcessHeap
SetEndOfFile
FlushFileBuffers
ReadFile
CloseHandle
CreateFileA
DeleteFileA
GetSystemWindowsDirectoryA
GetTempPathA
FreeLibrary
LoadLibraryExA
FormatMessageA
OutputDebugStringA
GetVersionExA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcpyA
GetFileAttributesA
GetPrivateProfileSectionA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
SetFileAttributesA
GetLastError
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
RtlUnwind
GetConsoleCP
GetConsoleMode
LCMapStringA
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapSize
ExitProcess
GetTimeZoneInformation
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
SetEnvironmentVariableA

user32

CharUpperA
LoadStringA

advapi32

SetNamedSecurityInfoA
RegSetValueExA
RegCloseKey
SetEntriesInAclA
BuildExplicitAccessWithNameA
GetNamedSecurityInfoA
RegDeleteValueA
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegQueryValueExA
RegLoadKeyA
RegUnLoadKeyA
RegOpenKeyA
RegOpenKeyExA

shell32

SHCreateDirectoryExA

shlwapi

StrStrA
SHDeleteKeyA

ws2_32

WSAEnumNetworkEvents
WSAResetEvent
closesocket
sendto
setsockopt
htons
WSAStartup
WSASocketA
WSACreateEvent
recvfrom
WSAEventSelect

iphlpapi

GetIfEntry
GetAdaptersInfo

Exports

Exports

GetDhcpServerIp
GetServerIp
NDC_BuilAllNicdPackage
NDS_AddNic
NDS_GetAllInfo
NDS_Init
NDS_InstalNic
NDS_UnInit
ND_UpdateVol
bcdch
fixboot
win7fixboot

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 463KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 562KB - Virtual size: 561KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e22d61a604dcbd5204af5fa3247db131

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

ws2_32

iphlpapi

Exports

Exports

Sections

.text Size: 105KB - Virtual size: 104KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 4KB - Virtual size: 463KB

.rsrc Size: 562KB - Virtual size: 561KB

.reloc Size: 11KB - Virtual size: 11KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 105KB - Virtual size: 104KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 4KB - Virtual size: 463KB

.rsrc
Size: 562KB - Virtual size: 561KB

.reloc
Size: 11KB - Virtual size: 11KB

.rmnet
Size: 56KB - Virtual size: 60KB