fb51a301edb4a8ce6e0601afc100cc67eb1530dd6e4a85114246bc7fda3ccf92

Sharing

Copy URL Twitter E-mail

General

Target

fb51a301edb4a8ce6e0601afc100cc67eb1530dd6e4a85114246bc7fda3ccf92
Size

271KB
MD5

d883487d62f7eb11c98695d93a79a582
SHA1

e9b4f7f0b44550908bbe160a61eaed88f2e2ecb3
SHA256

fb51a301edb4a8ce6e0601afc100cc67eb1530dd6e4a85114246bc7fda3ccf92
SHA512

1c96c322b8eab392fab81783569fcd121c21d1c68e05975aecf8afeb4343bc1116e946906519f58067c669b5f2351852677bc23ec9a40dd2c834a4a492cfa17a
SSDEEP

6144:f4ZcTWFlryR2C39zupCw1r0m6ebTBp413HTiqKX:AmWFlrC2auD1r0mvxC13Hm

Score

N/A

Malware Config

Signatures

Files

fb51a301edb4a8ce6e0601afc100cc67eb1530dd6e4a85114246bc7fda3ccf92
.dll windows x86

dc8d99a5ced987f4a7f0d3a4740963f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACloseEvent
WSAStartup
WSCEnumProtocols
WSCDeinstallProvider
WSCInstallProvider
gethostbyname
inet_ntoa
inet_addr
WSCGetProviderPath
socket
htons
WSACreateEvent
WSAEventSelect
connect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
closesocket
WSACleanup

rpcrt4

UuidCreate

kernel32

GetModuleFileNameW
SizeofResource
LockResource
LoadResource
FindResourceW
GetLastError
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
ExpandEnvironmentStringsW
LoadLibraryW
InterlockedDecrement
GetSystemDirectoryA
MultiByteToWideChar
GetTimeFormatA
GetDateFormatA
GetLocalTime
MoveFileExW
MoveFileW
CopyFileA
DeleteCriticalSection
InitializeCriticalSection
GetCurrentDirectoryA
MoveFileExA
MoveFileA
GetTickCount
FlushFileBuffers
ExpandEnvironmentStringsA
GetTempPathW
GetVersionExA
CloseHandle
GetCurrentProcess
SetLastError
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
WideCharToMultiByte
GetSystemTime
lstrlenA
FindFirstFileA
DeleteFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentThreadId
GetProcessHeap
SetStdHandle
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileW
InitializeCriticalSectionAndSpinCount
CreateFileA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetEndOfFile
GetTempPathA
VirtualAlloc
GetModuleHandleA
GetSystemTimeAsFileTime
QueryPerformanceCounter
VirtualFree
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
ReadFile
RaiseException
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
WriteFile
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
Sleep
HeapSize
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
LCMapStringA

user32

wvsprintfA

advapi32

LookupPrivilegeValueA
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegCreateKeyExA
RegRestoreKeyA
RegSaveKeyA
AdjustTokenPrivileges
OpenProcessToken
GetTokenInformation
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

StringFromGUID2

oleaut32

VariantClear
SysFreeString
SysAllocString

Exports

Exports

AddParam
ExecuteCommand
GetDLLSeed
GetInstalledLSPs
ResetParam
SetDLLAnswer
SetDLLOption

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc8d99a5ced987f4a7f0d3a4740963f3

Headers

File Characteristics

Imports

ws2_32

rpcrt4

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 191KB - Virtual size: 191KB

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 5KB - Virtual size: 15KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 191KB - Virtual size: 191KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 5KB - Virtual size: 15KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 12KB - Virtual size: 12KB