0d459e5fed3b8297e98ae70e45203bafac0a0f8a0ff572ea6c94bc353d4bd522

Sharing

Copy URL

Twitter E-mail

General

Target

0d459e5fed3b8297e98ae70e45203bafac0a0f8a0ff572ea6c94bc353d4bd522
Size

125KB
MD5

fb4ddf47fe9ee8bdc4c2c3fe979c6800
SHA1

662fd36ea8635f95e9332c580d70445e589a4b75
SHA256

0d459e5fed3b8297e98ae70e45203bafac0a0f8a0ff572ea6c94bc353d4bd522
SHA512

14c5e570afa13d633dbd8c194c5fc7a6ccb96431dc254cb38bb92bc69a7103c55619e3e38a7daaa96266a3e76bea5dd0641f997b3a953cb934abc894b74dfa3b
SSDEEP

1536:nsdmguQ8rv/jbj/mFomnMV3oX4ShLtJrJAjfDfYXlfl:ns9p8rv/3VWMeLtJ+jfDfYXl

Score

N/A

Malware Config

Signatures

Files

0d459e5fed3b8297e98ae70e45203bafac0a0f8a0ff572ea6c94bc353d4bd522
.dll windows x86

e6184c85f1ca4059ba04e29c04e22f81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetProcAddress
LoadLibraryA
GetVersionExA
LocalFree
lstrlenA
FormatMessageA
GetLastError
GetLogicalDrives
TerminateProcess
Sleep
GetModuleFileNameA
HeapFree
LocalAlloc
VirtualProtect
VirtualFree
LocalLock
IsBadReadPtr
WaitForSingleObject
GetExitCodeProcess
GetFileAttributesA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
HeapAlloc
OpenProcess
CloseHandle
VirtualAlloc
FreeLibrary
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
MultiByteToWideChar
FlushFileBuffers
IsBadWritePtr
HeapReAlloc
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetEndOfFile
SetFilePointer
GetStartupInfoA
GetStdHandle
GetCurrentProcessId
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
GetCurrentProcess
SetCurrentDirectoryA
SetEnvironmentVariableA
DeleteFileA
RemoveDirectoryA
MoveFileA
CreateDirectoryA
SetConsoleCtrlHandler
ReadFile
GetFileType
CreateFileA
GetCommandLineA
GetVersion
WideCharToMultiByte
GetModuleHandleA
WriteFile
UnhandledExceptionFilter
SetStdHandle
SetHandleCount
CreateProcessA

user32

ReleaseDC
GetDC
PostQuitMessage
DefWindowProcA
CreateWindowExA
MessageBoxA

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteExA

rasapi32

RasEnumConnectionsA
RasGetErrorStringA

wsock32

WSAGetLastError
send
select
closesocket
shutdown
gethostname
connect
inet_addr
htons
gethostbyname
socket
WSACleanup
WSAStartup
recv

Exports

Exports

fnDialerDll

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6184c85f1ca4059ba04e29c04e22f81

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

rasapi32

wsock32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 30KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 30KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 4KB