a90377d4c7d673957388b1cc122ae69f6e67fd0bf35a4f9b76f6b9220878484d

Sharing

Copy URL Twitter E-mail

General

Target

a90377d4c7d673957388b1cc122ae69f6e67fd0bf35a4f9b76f6b9220878484d
Size

16KB
MD5

a385b934f55f672af862e04fe76ff806
SHA1

56f449b0e5a7e6f3b5b29aeb65b1f05c2eaeb252
SHA256

a90377d4c7d673957388b1cc122ae69f6e67fd0bf35a4f9b76f6b9220878484d
SHA512

2a14fb608165082cc2f9dbe1b8e3a4129b2ceea1f8f75873c39e8c84a2ed81e6e4c15b25095786cf1a88093f3c7efb210d4595bf02770419dc913dc73f24f190
SSDEEP

384:mO+C7pe3z2OWkttyZ8jiSzJt/H+z6SImPFFmvw3d5vV5nLlY1:mbP3zVWkPyZ8jjJJSIGFWw3L3Li1

Score

N/A

Malware Config

Signatures

Files

a90377d4c7d673957388b1cc122ae69f6e67fd0bf35a4f9b76f6b9220878484d
.dll windows x86

7625b233f42e184563441b4a77cebff0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
GetSystemInfo
GetVolumeInformationA
CreateThread
CloseHandle
ResumeThread
SetThreadContext
GetThreadContext
WriteProcessMemory
VirtualAllocEx
CreateProcessA
GetProcAddress
CopyFileA
GetModuleFileNameA
GetModuleHandleA
LoadLibraryA
FreeLibrary
VirtualFree
VirtualAlloc
SetLastError
VirtualProtect
IsBadReadPtr
lstrcpyA
CreateFileA
GetTempPathA
lstrlenA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
WriteFile
ExitProcess
InterlockedIncrement
InterlockedExchangeAdd
DebugActiveProcessStop
TerminateProcess
ContinueDebugEvent
WaitForDebugEvent
DebugActiveProcess
OpenProcess
ExitThread
GetVersionExA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetCommandLineA
CreateMutexA
OpenMutexA
MapViewOfFile
GetLastError
CreateFileMappingA
Sleep
lstrcmpiA
HeapReAlloc
HeapFree
GetProcessHeap
GetTickCount
HeapAlloc

user32

wsprintfA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA
SHGetSpecialFolderPathA

msvcrt

realloc
free

ws2_32

inet_addr

dbghelp

ImageNtHeader

shlwapi

StrDupA

dnsapi

DnsQuery_A
DnsRecordListFree

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 830B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7625b233f42e184563441b4a77cebff0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

ws2_32

dbghelp

shlwapi

dnsapi

wininet

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 830B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 830B