68ca2653d6a29bb4e04646c9a2aa4c094826445307d4eb8246904c235d1b81eb

Sharing

Copy URL Twitter E-mail

General

Target

68ca2653d6a29bb4e04646c9a2aa4c094826445307d4eb8246904c235d1b81eb
Size

128KB
MD5

127891dd1348b6109786260652e1e778
SHA1

7d9e2e5dd5db02c47f2058fd871f7c87a2ea09d4
SHA256

68ca2653d6a29bb4e04646c9a2aa4c094826445307d4eb8246904c235d1b81eb
SHA512

0bfb4031c54c36778f7b6596ee2290fa34a163e5e9345bba7355601d4ca7451d4fa329dc3a29709d931dde1918ffd5ba4db4d40a672a5f7e5c8ae9f759cf8335
SSDEEP

3072:Ge93aLvz2M4vQ7PMhwqxY7x0Jdf9NqXc9tPfmCD8OdaQOXJSU:F93aLvzfdkvxY7xgf9NqXMtfmCDJdaJl

Score

N/A

Malware Config

Signatures

Files

68ca2653d6a29bb4e04646c9a2aa4c094826445307d4eb8246904c235d1b81eb
.dll windows x86

a8275c371fb37c30d71dcce9ec9b6107

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
ioctlsocket
select
WSAGetLastError
connect
htons
socket
send
gethostbyname
recv
shutdown
__WSAFDIsSet
inet_addr
sendto
closesocket

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

crypt32

CryptStringToBinaryA
CryptBinaryToStringA

urlmon

ObtainUserAgentString

kernel32

LoadLibraryA
DeleteCriticalSection
GetVersionExA
CloseHandle
GetTempPathA
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
GetModuleHandleExA
SetEvent
Sleep
CreateEventA
ResetEvent
GetModuleFileNameA
CreateThread
GetTickCount
VirtualProtect
MoveFileExA
GetTempFileNameA
GetEnvironmentVariableA
CopyFileA
SetFileAttributesA
OpenEventA
CreateRemoteThread
VirtualAllocEx
GetCurrentProcessId
WriteProcessMemory
WaitNamedPipeA
ConnectNamedPipe
ReadFile
GetOverlappedResult
DisconnectNamedPipe
CreateNamedPipeA
SetNamedPipeHandleState
WaitForMultipleObjects
GetProcAddress
GetLastError
IsBadWritePtr
CreateProcessA
OpenProcess
InitializeCriticalSection
WriteFile
WaitForSingleObject
FreeLibrary
CreateFileA
lstrcpyA
lstrcmpiA
lstrcatA
EnterCriticalSection
LeaveCriticalSection
lstrlenA
CreateEventW
lstrcmpA
GetComputerNameExA
GetLocalTime
MultiByteToWideChar
lstrlenW
lstrcatW
lstrcpynA
FlushInstructionCache
GetModuleHandleA
GetCurrentProcess
WideCharToMultiByte
lstrcpyW
GetSystemDirectoryA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
RegOpenKeyW
RegCreateKeyW
OpenProcessToken
CryptExportKey
RegDeleteValueA
CryptAcquireContextW
RegOpenKeyA
InitializeSecurityDescriptor
RegSetValueExA
CheckTokenMembership
CryptReleaseContext
CryptImportKey
CryptEncrypt
FreeSid
AllocateAndInitializeSid
RegCloseKey
RegEnumKeyA
RegCreateKeyExA
RegQueryValueExA
CryptHashData
CryptDestroyHash
CryptDecrypt
CryptDestroyKey
CryptGenKey
CryptCreateHash
CryptGetHashParam

wininet

HttpOpenRequestW
HttpAddRequestHeadersA
HttpSendRequestW
InternetTimeFromSystemTimeA
HttpSendRequestA
InternetOpenA
InternetConnectW
InternetReadFile
InternetOpenW
HttpOpenRequestA
InternetCrackUrlA
InternetConnectA
HttpQueryInfoA
InternetCrackUrlW
InternetCloseHandle

dnsapi

DnsFree
DnsQuery_A

ole32

OleUninitialize
OleInitialize
CoCreateInstance

oleaut32

SysAllocString
VariantClear
VariantInit
SysFreeString

Exports

Exports

Init

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8275c371fb37c30d71dcce9ec9b6107

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

psapi

crypt32

urlmon

kernel32

advapi32

wininet

dnsapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 7KB - Virtual size: 79KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 7KB - Virtual size: 79KB

.reloc
Size: 5KB - Virtual size: 4KB