8476790b0194ebfb9cb0df59b753ac2013c2820cb0be1a7db67877a135dbb419

Sharing

Copy URL Twitter E-mail

General

Target

8476790b0194ebfb9cb0df59b753ac2013c2820cb0be1a7db67877a135dbb419
Size

208KB
MD5

a29bf4088535223efba7d5d6e79c0a79
SHA1

5486fca112ed9da541156c2c306d8cccf75398e0
SHA256

8476790b0194ebfb9cb0df59b753ac2013c2820cb0be1a7db67877a135dbb419
SHA512

9fc7cfd9565acb113b7671e5d6c36066b7bb79fefc0d6807313bf04c1d4ca6a7a4c02479aae99eb995d259600bb5d0ebf23457fab0e8b677458b0aa9bf7d5249
SSDEEP

6144:lwrH2HR3iKJGiiCMxr1qetnU9aunv9cH9DJ21m:6rW5iKGCMxpqetnUoPHV3

Score

N/A

Malware Config

Signatures

Files

8476790b0194ebfb9cb0df59b753ac2013c2820cb0be1a7db67877a135dbb419
.dll windows x86

58427feead666b88d4b330cf43229208

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetProcAddress
FlushFileBuffers
SetEnvironmentVariableA
CompareStringW
CompareStringA
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapSize
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
TlsGetValue
SetLastError
TlsFree
TlsAlloc
HeapAlloc
HeapFree
CloseHandle
GetFileType
GetLastError
CreateFileA
ReadFile
WriteFile
SetFilePointer
DeleteFileA
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
MoveFileA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
SetStdHandle
SetEndOfFile
SetHandleCount
GetStdHandle
GetStartupInfoA
TerminateProcess
GetCurrentProcess
GetFileAttributesA
GetCurrentThreadId
TlsSetValue

gdi32

BitBlt
CreateDCA
CreateCompatibleDC
GetDIBits
GetObjectA
SelectObject
CreateCompatibleBitmap

wininet

InternetConnectA
HttpAddRequestHeadersA
InternetQueryDataAvailable
HttpQueryInfoA
HttpOpenRequestA
InternetCloseHandle
InternetSetOptionA

netapi32

NetShareEnum
NetUserEnum
NetApiBufferFree

ws2_32

gethostbyname
inet_ntoa
inet_addr
WSAIoctl
htons
WSACleanup
WSAStartup
send
recv
WSCEnumProtocols

iphlpapi

GetNetworkParams
GetAdaptersInfo

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

psapi

GetModuleFileNameExA
EnumProcessModules

ntdll

RtlUnwind

Exports

Exports

MainRun
ServiceMain

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58427feead666b88d4b330cf43229208

Headers

File Characteristics

Imports

kernel32

gdi32

wininet

netapi32

ws2_32

iphlpapi

version

psapi

ntdll

Exports

Exports

Sections

.text Size: 148KB - Virtual size: 146KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 28KB - Virtual size: 70KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 148KB - Virtual size: 146KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 28KB - Virtual size: 70KB

.reloc
Size: 16KB - Virtual size: 13KB