3fdab6d95a6b705ac9e458f8376586294f229b148a73166d4033e1cd90375967

Sharing

Copy URL

Twitter E-mail

General

Target

3fdab6d95a6b705ac9e458f8376586294f229b148a73166d4033e1cd90375967
Size

47KB
MD5

6e8cef6d569c411028021b4e72f86a3b
SHA1

56e76b9ce2aec51c72e114f7e6bcaf5224d1906c
SHA256

3fdab6d95a6b705ac9e458f8376586294f229b148a73166d4033e1cd90375967
SHA512

66d6f8a816825f705c0f0a7b24bf2d6791b1a7107e377c167e0264831de049f93480a284d7c8f9e36f228be5302e19ff8fe42ee3f2a896ad7cbc033295315bf1
SSDEEP

768:DLWSM0k5rTfovBSYzok+5UJyHbbZsicRGBXoa3Ex5iFsHQi03/ZXffooxrz2Zb:DLWS4Bizw7bZHcRGBYacesk3/ZXXogry

Score

N/A

Malware Config

Signatures

Files

3fdab6d95a6b705ac9e458f8376586294f229b148a73166d4033e1cd90375967
.dll windows x86

f15edc4175e8eceea5bda9e462da697e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

GetVersionExA
GetTempPathA
WriteFile
GetTempFileNameA
GetModuleHandleW
CreateFileA
DeleteFileA
UnmapViewOfFile
GlobalAlloc
HeapDestroy
GlobalFree
lstrcatA
CloseHandle
lstrcpyA
GetLastError
GetCurrentProcess
GetModuleHandleA
lstrcmpiA
GetModuleFileNameA
EnterCriticalSection
GetCurrentThreadId
lstrlenA
LeaveCriticalSection
lstrlenW
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSection
InterlockedIncrement
DeleteCriticalSection
DisableThreadLibraryCalls
GetACP
GetOEMCP
TlsAlloc
TlsFree
GlobalFlags
GlobalLock
GlobalUnlock
GetFileSize
IsBadWritePtr
GlobalHandle
lstrcpynA
GetWindowsDirectoryA
GetCurrentDirectoryA
GetFullPathNameA
OpenFile
ReadFile
GetStartupInfoA
GetCPInfo
SetFilePointer
SetStdHandle
GetLocaleInfoW
FlushFileBuffers
GetLocaleInfoA
GetStringTypeW
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
TlsSetValue
CreateFileMappingA
GlobalReAlloc
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
VirtualFree
MapViewOfFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapCreate
GetProcAddress
VirtualAlloc
LoadLibraryA
LCMapStringA
LCMapStringW

user32

AllowSetForegroundWindow

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
bind
closesocket
connect
getsockname
htonl
htons
inet_addr
ntohs
recv
recvfrom
send
sendto
socket

ole32

CoFreeUnusedLibraries
CoSetProxyBlanket
CoAllowSetForegroundWindow
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f15edc4175e8eceea5bda9e462da697e

Headers

File Characteristics

Imports

advapi32

kernel32

user32

ws2_32

ole32

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 11KB - Virtual size: 11KB

.reloc Size: 512B - Virtual size: 302B

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 11KB - Virtual size: 11KB

.reloc
Size: 512B - Virtual size: 302B