9597f1a0084911c2228692c3511f36255b7320db16e604e90febe663910755eb

Sharing

Copy URL Twitter E-mail

General

Target

9597f1a0084911c2228692c3511f36255b7320db16e604e90febe663910755eb
Size

272KB
MD5

079435516d46fa1f8406e5f3cf37a7a0
SHA1

ccf4be6b611862aa79ed9b070d6c09e39fb56552
SHA256

9597f1a0084911c2228692c3511f36255b7320db16e604e90febe663910755eb
SHA512

c83ba2adc441b03a6d49923a7a218d05e479b99070ec7cf39850802dbed2241c14032f318a872ebdd466ff41dc1f7fdd35ccbd854cb2a271e603b061260af29b
SSDEEP

6144:Lr1fmIXR2BZgBqhGAGcuQ4zm1ojOJLO7:LZeOR2jWqhGuWKocLO

Score

N/A

Malware Config

Signatures

Files

9597f1a0084911c2228692c3511f36255b7320db16e604e90febe663910755eb
.dll windows x86

3e944574ddacde6e9676a07ccce23ce2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLocaleInfoW
CreateFileA
LoadLibraryA
ReadFile
SetStdHandle
SetEnvironmentVariableA
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
Sleep
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
RaiseException
HeapFree
GetCommandLineA
GetVersion
HeapAlloc
HeapReAlloc
ExitProcess
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
TerminateProcess
GetCurrentProcess
HeapSize
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
CloseHandle
SetUnhandledExceptionFilter
WriteFile
SetFilePointer
FlushFileBuffers
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetProcAddress
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
SetEndOfFile

ws2_32

recv
send
socket
ioctlsocket
connect
select
getsockopt
closesocket
WSACleanup
WSAStartup
WSAGetLastError
gethostbyname
htonl
ntohl
inet_addr
htons

Exports

Exports

INFOGW_api_req_netbar_lv
INFOGW_api_req_netbar_lv_ext

Sections

.text
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3e944574ddacde6e9676a07ccce23ce2

Headers

File Characteristics

Imports

kernel32

ws2_32

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 148KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 27KB

.reloc Size: 12KB - Virtual size: 11KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 152KB - Virtual size: 148KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 27KB

.reloc
Size: 12KB - Virtual size: 11KB

.rmnet
Size: 60KB - Virtual size: 60KB