5bce0a8590a4952493397fcfba8da4c5d33832f9a727ba4e1af6d5e941aa22e4

Sharing

Copy URL Twitter E-mail

General

Target

5bce0a8590a4952493397fcfba8da4c5d33832f9a727ba4e1af6d5e941aa22e4
Size

117KB
MD5

f5d68dabc30a35edb7a3dc150587def2
SHA1

6b4823a909892aa6a4726a438275400bf9185ae9
SHA256

5bce0a8590a4952493397fcfba8da4c5d33832f9a727ba4e1af6d5e941aa22e4
SHA512

8bd4b30b2707a76fedd8d51d006ddad9f90567f8f7430e9f34404ae5fc437e61f89f085c95b141ba64b9ee1868ba3d16cd29543d219e781ddbfad7b4fa98bf7a
SSDEEP

3072:jPNMPAeXtxJXxRu+HGnoVckV8EkfZLyWJtMC:jPNytxNxhEoig8EkfZLyW/MC

Score

N/A

Malware Config

Signatures

Files

5bce0a8590a4952493397fcfba8da4c5d33832f9a727ba4e1af6d5e941aa22e4
.dll windows x86

0bfecfa8bb742cd2dfed23b9c05a6a97

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_onexit
__dllonexit
??1type_info@@UAE@XZ
calloc
_beginthreadex
wcstombs
_CxxThrowException
realloc
strchr
strncat
printf
time
srand
rand
atoi
strncpy
strrchr
_except_handler3
malloc
free
strstr
_ftol
ceil
memmove
__CxxFrameHandler
??3@YAXPAX@Z
_strcmpi
_strnicmp
??2@YAPAXI@Z

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

kernel32

LoadLibraryA
MoveFileExA
FreeLibrary
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetCurrentProcess
SetLastError
MoveFileA
WriteFile
SetFilePointer
ReadFile
CreateFileA
GetFileSize
RemoveDirectoryA
LocalAlloc
LocalReAlloc
LocalFree
FindClose
GetLogicalDriveStringsA
GetVolumeInformationA
GetDriveTypeA
lstrcatA
CreateProcessA
lstrlenA
GetFileAttributesA
CreateDirectoryA
GetLastError
DeleteFileA
Sleep
CancelIo
InterlockedExchange
lstrcpyA
ResetEvent
VirtualAlloc
EnterCriticalSection
CreateEventA
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
ResumeThread
CreateThread
GetProcAddress
RaiseException
InitializeCriticalSection
VirtualFree
LeaveCriticalSection

userenv

CreateEnvironmentBlock

Exports

Exports

YANLHC

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bfecfa8bb742cd2dfed23b9c05a6a97

Headers

File Characteristics

Imports

msvcrt

msvcp60

kernel32

userenv

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 10KB - Virtual size: 13KB

.CRT Size: 512B - Virtual size: 44B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 10KB - Virtual size: 13KB

.CRT
Size: 512B - Virtual size: 44B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 7KB