be52e9b0c0a123b2970c2cc31aedc4fa39f67baf156a681e785a99141e9aef15

Sharing

Copy URL Twitter E-mail

General

Target

be52e9b0c0a123b2970c2cc31aedc4fa39f67baf156a681e785a99141e9aef15
Size

120KB
MD5

504ab95c652be8ff281d22e64dbc32a1
SHA1

51c1a7fcbc5704305b0941b2685876ba2166fdf2
SHA256

be52e9b0c0a123b2970c2cc31aedc4fa39f67baf156a681e785a99141e9aef15
SHA512

ce07a9a5c1e0803cf450c97080244df2d3bc32f7b8dc38e75de5a58eb208838d12ed83026b5fbaf8f03521f32deb4a50574e299bb4196b251724e2f4fc53ded6
SSDEEP

3072:0cqS6h829wpxcp3tLRpcMi+Z45i5UCmkzD1WoVc:uSMKxcp9lup5i5UCDL

Score

N/A

Malware Config

Signatures

Files

be52e9b0c0a123b2970c2cc31aedc4fa39f67baf156a681e785a99141e9aef15
.dll windows x86

9fd673d85dd5c365045cdde33f6edbae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
CloseHandle
WaitForSingleObject
CreateSemaphoreA
DeviceIoControl
CreateFileA
ReleaseSemaphore
ReadFile
WriteFile
CreateEventA
GetVersion
GetCurrentDirectoryA
OpenFile
GetSystemDirectoryA
lstrcmpA
GetModuleHandleA
GetCurrentProcess
GetCurrentThread
SetEndOfFile
SetCurrentDirectoryA
LoadLibraryExA
GetProcAddress
GetLastError
GetTickCount
Sleep
GetModuleFileNameA
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
LoadLibraryA
GlobalFree
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
HeapFree
HeapAlloc
RtlUnwind
RaiseException
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetUnhandledExceptionFilter
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
FlushFileBuffers
SetFilePointer
IsBadReadPtr

user32

DispatchMessageA
PeekMessageA
wsprintfA
TranslateMessage

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
FreeSid
EqualSid
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey
OpenThreadToken

wsock32

WSAStartup
socket
htonl
bind
WSAGetLastError
gethostbyname
htons
select
connect
closesocket
recv
inet_ntoa
send
ioctlsocket
WSACleanup

Exports

Exports

DDClose
DDExit
DDGetDeviceSubType
DDGetLastError
DDGetPortDescription
DDInit
DDIsReady
DDOpen
DDRead
DDWrite
DllMain

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fd673d85dd5c365045cdde33f6edbae

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wsock32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 768B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 768B

.reloc
Size: 8KB - Virtual size: 5KB