10af22279835fad8ea7a16f049ebfcea5775a0a32d2104f733a1830fd6c42bd0

Sharing

Copy URL Twitter E-mail

General

Target

10af22279835fad8ea7a16f049ebfcea5775a0a32d2104f733a1830fd6c42bd0
Size

38KB
MD5

110e8b32377273a3a4c3bcef1e0679a0
SHA1

8e64e8b46de37fd381c281820ffe203e18d74f9e
SHA256

10af22279835fad8ea7a16f049ebfcea5775a0a32d2104f733a1830fd6c42bd0
SHA512

95794af7866e0cfab0364822ec2d2a650eccf27908c8ca7f661a999dacf4d6aec0e031473f659a3a0511b3b79d5e9c32d3c9ec418341e3e8bbe65dbac326dd31
SSDEEP

768:gkh0eT8Japk2zwiyVHdKZ9EfIoo79fNX1KtUy2kNl4:gXECapkniyufM9o791XUJE

Score

N/A

Malware Config

Signatures

Files

10af22279835fad8ea7a16f049ebfcea5775a0a32d2104f733a1830fd6c42bd0
.dll windows x86

d0244255a6fb81cfab3ff0f705851e2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
GetModuleFileNameA
GetTempPathA
GetWindowsDirectoryA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetLastError
OpenProcess
TerminateProcess
SetFileAttributesA
VirtualProtect
CreateMutexA
OutputDebugStringA
GetFileSize
ReadFile
WideCharToMultiByte
WaitForSingleObject
CreateThread
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
MultiByteToWideChar
DeleteFileA
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
CloseHandle
Sleep
GetModuleHandleA
ExitProcess

user32

RegisterWindowMessageA
RegisterShellHookWindow
SetWindowLongA
GetClassNameA
CallWindowProcA
GetClientRect
GetDC
GetWindowRect
ReleaseDC
EnumWindows
GetWindowThreadProcessId
GetParent
GetWindowTextA
GetDesktopWindow
wsprintfA
wvsprintfA

gdi32

CreateCompatibleDC
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectA
DeleteDC
CreateCompatibleBitmap
CreateDCA
SelectObject
BitBlt
GetDeviceCaps
DeleteObject

gdiplus

GdipDisposeImage
GdipSaveImageToFile
GdipLoadImageFromFile
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipFree
GdipAlloc
GdipCloneImage
GdiplusShutdown

ws2_32

WSACleanup
WSAStartup
bind
htons
inet_addr
htonl
socket
connect
send
recv
inet_ntoa
gethostbyname
closesocket

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

msvcrt

rand
strrchr
time
srand
strcat
strchr
strncpy
malloc
wcscmp
??2@YAPAXI@Z
__CxxFrameHandler
strstr
strtok
atoi
sprintf
strlen
strcmp
memcpy
memset
strcpy
free
__dllonexit
_onexit
_initterm
_adjust_fdiv
_getpid
_strrev
_stricmp
_strlwr
abs

netapi32

Netbios

Exports

Exports

DriverProc
KsCreateAllocator
KsCreatePin
KsCreateTopologyNode
modMessage
modmCallback

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 542KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0244255a6fb81cfab3ff0f705851e2d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

gdiplus

ws2_32

msvcp60

wininet

msvcrt

netapi32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 542KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 542KB

.reloc
Size: 4KB - Virtual size: 3KB