8f9b65133b93d82e28bc77193b1007dcd74a604c0babc0d17503fe9fa921c5ee

Sharing

Copy URL Twitter E-mail

General

Target

8f9b65133b93d82e28bc77193b1007dcd74a604c0babc0d17503fe9fa921c5ee
Size

205KB
MD5

6f604cb0bdbdcbc42aac1cf128c11fae
SHA1

c4e32e32b19691bfb2d657e4ac2287dab78e70d9
SHA256

8f9b65133b93d82e28bc77193b1007dcd74a604c0babc0d17503fe9fa921c5ee
SHA512

975e0814a3b2bde0d75b145c59f90590c1ebf6c9ef22abb1a4f51417cbb2be119162fb0a0d9e203895410a438f0dc6f8f663e20e4965c4c824f93a0ead9cd937
SSDEEP

3072:M1s8xvfGB8Znpp3+tbTmLN9cLJVPZ6zlq193:M1s+f5Zpp3+RTmLN9cLLx6K3

Score

N/A

Malware Config

Signatures

Files

8f9b65133b93d82e28bc77193b1007dcd74a604c0babc0d17503fe9fa921c5ee
.dll windows x86

8037e60f61f3717c1fd4845d8448354e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
Sleep
WideCharToMultiByte
GlobalUnlock
DeleteFileA
WriteFile
GetTempPathA
ReadFile
GetFileSize
CreateFileA
TerminateThread
CreateToolhelp32Snapshot
GetCurrentProcessId
SetThreadPriority
CreateEventA
OpenEventA
GetTickCount
OutputDebugStringA
GetCommandLineA
GetWindowsDirectoryA
Process32Next
Process32First
GetVersionExA
GetLocalTime
CreateProcessA
OpenProcess
MoveFileExA
GetSystemDirectoryA
GetCurrentThreadId
DeviceIoControl
DisableThreadLibraryCalls
MultiByteToWideChar
VirtualAlloc
VirtualFree
WriteProcessMemory
VirtualProtectEx
GlobalAlloc
GetLastError
SetErrorMode
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
InterlockedIncrement
InterlockedDecrement
SetFilePointer
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GlobalLock
GetModuleHandleA
LoadLibraryA
GetProcAddress
GlobalFree
GetModuleFileNameA
GetCurrentProcess
CreateThread
CloseHandle
ReadProcessMemory
ExitProcess
IsBadReadPtr
GetFileType
GetStdHandle
SetHandleCount
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetVersion
HeapFree
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapAlloc

user32

wsprintfA
GetWindowThreadProcessId
PostMessageA
GetWindowTextA
EnumWindows
GetMessageA
PostThreadMessageA
GetInputState
ClipCursor

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetOpenUrlW
InternetOpenW

ws2_32

getpeername
inet_ntoa

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegCloseKey

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8037e60f61f3717c1fd4845d8448354e

Headers

File Characteristics

Imports

kernel32

user32

wininet

ws2_32

advapi32

Sections

.text Size: 159KB - Virtual size: 158KB

zdata Size: 9KB - Virtual size: 9KB

vdata Size: 1024B - Virtual size: 1024B

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 159KB - Virtual size: 158KB

zdata
Size: 9KB - Virtual size: 9KB

vdata
Size: 1024B - Virtual size: 1024B

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 10KB - Virtual size: 10KB