87d41ff42aad1dba624ceefe3216dd29733005f2422773b3a0d3e5d4e5ef8fd6

Sharing

Copy URL Twitter E-mail

General

Target

87d41ff42aad1dba624ceefe3216dd29733005f2422773b3a0d3e5d4e5ef8fd6
Size

29KB
MD5

5523f98511ee50142cdbdd074e4fce75
SHA1

45533298a295359a4f871f3d660c4b1ad6abeac4
SHA256

87d41ff42aad1dba624ceefe3216dd29733005f2422773b3a0d3e5d4e5ef8fd6
SHA512

06cb05f7a86147961ac491be10f81f6d265c84d4d8c0489b54dfc7b443bf044226e75611b79af8dd2c4e66fe0607675f33601b24cf399ad2f92234a9958ad9f6
SSDEEP

384:vjWzPL9QREOUVxSU21T51MScbb9Aufl2qchrC8T2MYrdv9z5zqkuyHVZd:vSamxa51GbRpfl2qMCZrdVz5VHPd

Score

N/A

Malware Config

Signatures

Files

87d41ff42aad1dba624ceefe3216dd29733005f2422773b3a0d3e5d4e5ef8fd6
.dll windows x86

f185753e24aecd3e79e87e73f3914120

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
GetCurrentProcessId
IsBadReadPtr
GetTempPathA
CloseHandle
GetFileAttributesW
ReadProcessMemory
VirtualQueryEx
WideCharToMultiByte
ReadFile
GetFileSize
CreateFileA
SetFilePointer
GetProcAddress
OutputDebugStringA
GetModuleHandleA
TerminateProcess
AddVectoredExceptionHandler
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualProtect
FlushInstructionCache
Thread32Next
SetThreadContext
GetThreadContext
OpenThread
Thread32First
CreateToolhelp32Snapshot
GetCurrentProcess
HeapAlloc
DeleteFileA
GetModuleFileNameA
FindFirstFileA
FindNextFileA
FindClose
CreateThread
LoadLibraryA
GetCommandLineA
Sleep
GetProcessHeap

user32

wsprintfA
GetDC
GetWindowRect
GetWindow
GetClassNameW

wininet

InternetCloseHandle

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
strcpy
atoi
strlen
strstr
strncpy
memset
strchr
strcat
strrchr
sprintf
free
wcscmp
ftell
fseek
fopen
mbstowcs
memcpy
srand
time
wcslen
wcsncat
wcscpy
wcsstr
exit
printf
malloc
_stricmp
_except_handler3
_local_unwind2
strcmp
_vsnprintf
__dllonexit
_onexit
rand
_strupr
_strcmpi

gdiplus

GdipDisposeImage
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateDCA
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f185753e24aecd3e79e87e73f3914120

Headers

File Characteristics

Imports

kernel32

user32

wininet

msvcrt

gdiplus

gdi32

msvcp60

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 2KB - Virtual size: 1KB