7a65c1e2c392a0c2cf85f3f2a1c9072130f5f29ab6350d57dcc8434f15fddc0b

Sharing

Copy URL Twitter E-mail

General

Target

7a65c1e2c392a0c2cf85f3f2a1c9072130f5f29ab6350d57dcc8434f15fddc0b
Size

71KB
MD5

67064dd639762cc521910f380ca0b100
SHA1

4b67840a975f125f7cbbe26f47053fded1512c9b
SHA256

7a65c1e2c392a0c2cf85f3f2a1c9072130f5f29ab6350d57dcc8434f15fddc0b
SHA512

cdd7e50864dc367b691e26161d32641e690a30c3192aa996f50c2281b324191444a125ab8c14434665948d328853a1411c816f978114d8ca8ba08a8665deb687
SSDEEP

1536:f02BFTl4JVR2zf3JCdrtvTtk3vnYD+LtoKT9:smFTQYzwtvTSv55pT

Score

N/A

Malware Config

Signatures

Files

7a65c1e2c392a0c2cf85f3f2a1c9072130f5f29ab6350d57dcc8434f15fddc0b
.dll windows x86

5aa4b02276951a465e7726d016ce88e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
WaitForSingleObject
GetModuleFileNameW
GetFileSize
ReadFile
WriteFile
CreateFileA
SetFilePointer
CreatePipe
GetSystemDirectoryA
CreateProcessA
PeekNamedPipe
LoadLibraryA
GetLocalTime
CreateEventW
SystemTimeToFileTime
SetFileTime
GetTempPathA
CreateThread
CloseHandle
SetEndOfFile
WriteConsoleW
SetStdHandle
HeapSize
LoadLibraryW
HeapReAlloc
GetConsoleMode
GetConsoleCP
RaiseException
GetStringTypeW
GetLastError
GetProcAddress
WideCharToMultiByte
DeleteFileA
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCurrentThreadId
DecodePointer
GetCommandLineA
HeapFree
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
HeapAlloc
LCMapStringW
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
FlushFileBuffers

wininet

InternetOpenW
InternetSetOptionW
InternetConnectA
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpAddRequestHeadersA
HttpAddRequestHeadersW
InternetSetCookieA
HttpOpenRequestW

ws2_32

gethostname
gethostbyname
inet_ntoa
inet_addr

iphlpapi

GetAdaptersInfo

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerW

Exports

Exports

ESEntry
ESHandle

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5aa4b02276951a465e7726d016ce88e4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wininet

ws2_32

iphlpapi

advapi32

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 5KB - Virtual size: 5KB