0a6c4cbeb5ff1e9910bd727d525eacfce8d172a15701dfd6bab14dfba1fd36da

Sharing

Copy URL Twitter E-mail

General

Target

0a6c4cbeb5ff1e9910bd727d525eacfce8d172a15701dfd6bab14dfba1fd36da
Size

520KB
MD5

ac930719c7ac09c07226547b61a97dad
SHA1

23ce088ba7811a2795586075f449b188aea170fd
SHA256

0a6c4cbeb5ff1e9910bd727d525eacfce8d172a15701dfd6bab14dfba1fd36da
SHA512

06a4968a8f682ebb98eb80bb3da2474f227ba4fa1c2f8b0ca3a8b18f78730154c23e2b7b309ab538a8fe90c8055f01880517e3dee289c75b8057912d84f43c22
SSDEEP

768:4nReLRSSVfGXFmWxM7CroG6fRo3IJlWqes7UDIJBkvKuUnqm5uGrei1sp5LhIxY:w8YSVMFRDT8Je5DIJ4xCqN63qex

Score

N/A

Malware Config

Signatures

Files

0a6c4cbeb5ff1e9910bd727d525eacfce8d172a15701dfd6bab14dfba1fd36da
.dll windows x86

e79a0e39a894e6be53f21b33b64d784c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
WideCharToMultiByte
CompareStringW
MultiByteToWideChar
lstrcmpiW
DeviceIoControl
CreateFileW
CreateEventW
QueryDosDeviceW
GetOverlappedResult
HeapAlloc
CloseHandle
FreeLibrary
GetStartupInfoA
GetCommandLineA
GetSystemInfo
lstrcatA
CreateProcessA
OpenEventA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetACP
GetSystemWindowsDirectoryA
lstrlenA
lstrcpynA
TerminateProcess
LocalFree
EnterCriticalSection
lstrlenW
Sleep
GetLastError
LocalAlloc
DisableThreadLibraryCalls
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LeaveCriticalSection
GetProcAddress
LoadLibraryW
GetCalendarInfoW
LoadLibraryA
GetModuleHandleA
InterlockedCompareExchange
InterlockedExchange
RaiseException

msvcrt

_unlock
__dllonexit
_lock
_controlfp
isdigit
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
_initterm
malloc
wcstoul
wcsncpy
_XcptFilter
_exit
_cexit
__getmainargs
wcslen
wcscmp
wcscpy
wcstombs
mbstowcs
free
exit
gmtime
calloc
putc
fputc
getenv
isspace
strncmp
fprintf
fclose
sprintf
printf
strncpy
_onexit
swscanf
system

shlwapi

SHDeleteKeyW

setupapi

SetupDiSetDeviceInstallParamsW
SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsW
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoList

ws2_32

getservbyport
htons
getprotobynumber
ntohs
closesocket
recv
WSAStartup
socket
setsockopt
gethostbyaddr
sendto
bind
htonl
getsockname
WSAGetLastError
ioctlsocket
gethostname
gethostbyname
connect

iphlpapi

GetAdaptersInfo
GetIpAddrTable
CancelIPChangeNotify

Exports

Exports

AWith
TheWhitespace

Sections

.text
Size: 472KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e79a0e39a894e6be53f21b33b64d784c

Headers

File Characteristics

Imports

kernel32

msvcrt

shlwapi

setupapi

ws2_32

iphlpapi

Exports

Exports

Sections

.text Size: 472KB - Virtual size: 470KB

.idata Size: 4KB - Virtual size: 3KB

.didat Size: 2KB - Virtual size: 1KB

.data Size: 36KB - Virtual size: 357KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 472KB - Virtual size: 470KB

.idata
Size: 4KB - Virtual size: 3KB

.didat
Size: 2KB - Virtual size: 1KB

.data
Size: 36KB - Virtual size: 357KB

.reloc
Size: 4KB - Virtual size: 3KB