37f8486320137de40f3bdf07b6abdf98bacf181a591336de10caaf91ef0a3a33

Sharing

Copy URL Twitter E-mail

General

Target

37f8486320137de40f3bdf07b6abdf98bacf181a591336de10caaf91ef0a3a33
Size

879KB
MD5

d8973b1d81c7eb2424e278d0ec4e0e66
SHA1

01ed6c394220b2ec3ed4a1c5cbf750d398209af9
SHA256

37f8486320137de40f3bdf07b6abdf98bacf181a591336de10caaf91ef0a3a33
SHA512

b0a28c63c2e343936c3e8b90843ee351debc0f0cb2e272b041b3633cd7c6e3e12d93d41115d374cbbf2fa8e7801acef8d572600bf22e4856082aabf0961a4265
SSDEEP

24576:jQHufYTyUX2XuCZR/sRSTrcOyTVa7mY1NxfGnMuO4VBVFw1yvec:w2eCZR/3TY3R3Hn86VAy2c

Score

N/A

Malware Config

Signatures

Files

37f8486320137de40f3bdf07b6abdf98bacf181a591336de10caaf91ef0a3a33
.dll windows x86

895458cf0da26dadce313116102d85cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
Process32First
GetSystemInfo
GetTickCount
OpenProcess
Process32Next
CreateToolhelp32Snapshot
Module32First
Module32Next
GetLastError
GetCurrentProcess
GetModuleFileNameA
GetProcAddress
CreateThread
CloseHandle
VirtualFree
GetVersionExA
GetModuleHandleA
LoadLibraryA
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
OutputDebugStringA
SetLastError
DeviceIoControl
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
SetFileAttributesA
WriteProcessMemory
CreateEventA
GetCurrentThreadId
TerminateThread
CreateMutexA
WaitForSingleObject
ReleaseMutex
Sleep
CopyFileA
CreateFileA
GetSystemDirectoryA
ReadFile

user32

AttachThreadInput
GetGUIThreadInfo
MapVirtualKeyA
SwapMouseButton
ScreenToClient
WindowFromPoint
GetCursorPos
GetDoubleClickTime
GetAncestor
keybd_event
SetTimer
KillTimer
GetKeyboardState
GetKeyState
ToAscii
GetForegroundWindow
GetWindowThreadProcessId
GetFocus

ws2_32

htonl
ntohl
htons
ntohs

advapi32

CloseServiceHandle
OpenSCManagerA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
StartServiceA
CreateServiceA
ControlService
DeleteService
OpenServiceA

ole32

CoCreateGuid

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

msvcrt

memmove
__dllonexit
strstr
_getpid
free
malloc
strrchr
fopen
fseek
ftell
fread
fclose
_purecall
strncat
_except_handler3
strncpy
time
srand
rand
_getcwd
_itoa
_mbsnbcpy
_mbsnbcat
memset
memcpy
_EH_prolog
_stricmp
_memicmp
__CxxFrameHandler
_snprintf
_onexit
??2@YAPAXI@Z

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

ShellExecuteA

Exports

Exports

CreateObj

Sections

.text
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.txt$0
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt$1
Size: 505KB - Virtual size: 505KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

895458cf0da26dadce313116102d85cb

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

ole32

msvcp60

msvcrt

version

shell32

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 260KB

.rdata Size: 66KB - Virtual size: 66KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 944B

.txt$0 Size: 16KB - Virtual size: 15KB

.txt$1 Size: 505KB - Virtual size: 505KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 260KB - Virtual size: 260KB

.rdata
Size: 66KB - Virtual size: 66KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 944B

.txt$0
Size: 16KB - Virtual size: 15KB

.txt$1
Size: 505KB - Virtual size: 505KB

.reloc
Size: 8KB - Virtual size: 7KB