8226f4cf4c49e2edf8c5b0bdc74957b7c46e94a184092b950dce7989332fff31

Sharing

Copy URL Twitter E-mail

General

Target

8226f4cf4c49e2edf8c5b0bdc74957b7c46e94a184092b950dce7989332fff31
Size

132KB
MD5

64802b30d39a6e03764d9fbce29fdda0
SHA1

3dd086cdc7021d1a8f318648bfe756d3275dd28d
SHA256

8226f4cf4c49e2edf8c5b0bdc74957b7c46e94a184092b950dce7989332fff31
SHA512

b05129e8ac90c84b0eddbb0b03cbb7010000e935ddc10f2af82c5f791e80f1eb2404aacd7110a327f279a6936391b184e45a32ca6b86199fd343153a7b097d66
SSDEEP

1536:zjuAUuHQvolqJt5TGiS7ykZOyL/eqf41OiZrf3ATTVR0kyp/rPj6htM2oAEqEB:vuAUtoQGiOYjQqzbjStMtrq

Score

N/A

Malware Config

Signatures

Files

8226f4cf4c49e2edf8c5b0bdc74957b7c46e94a184092b950dce7989332fff31
.dll windows x86

bb4643b00f619a027678b1c7c24ac7cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
HttpQueryInfoA
HttpSendRequestA
InternetSetOptionA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCloseHandle

shell32

SHCreateDirectoryExA

user32

TranslateMessage
wsprintfA
PostThreadMessageA
PeekMessageA
GetMessageA

shlwapi

PathFileExistsA

kernel32

HeapDestroy
SetEndOfFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
CloseHandle
CreateEventA
ResetEvent
SetEvent
WaitForSingleObject
GetLastError
GetTickCount
CreateFileA
SetFilePointer
WriteFile
MoveFileExA
DeleteFileA
Sleep
FindFirstFileA
lstrlenA
lstrcpyA
lstrcatA
TerminateThread
GetModuleFileNameA
FindClose
HeapFree
HeapAlloc
HeapReAlloc
ExitThread
ResumeThread
CreateThread
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
MultiByteToWideChar
ReadFile
HeapSize
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
FlushFileBuffers

Exports

Exports

??0CUpdateModule@@QAE@XZ
??4CUpdateModule@@QAEAAV0@ABV0@@Z
?fnUpdateModule@@YAHXZ
?nUpdateModule@@3HA
Check
Down
GetFileMD5
Stop
TerminateStop

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1010B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb4643b00f619a027678b1c7c24ac7cd

Headers

File Characteristics

Imports

wininet

shell32

user32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1010B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1010B

.reloc
Size: 8KB - Virtual size: 7KB