5243867d16ff5d2f480771aff2a7094737345c87d970bb4c2e3768cf6f8476c2

Sharing

Copy URL Twitter E-mail

General

Target

5243867d16ff5d2f480771aff2a7094737345c87d970bb4c2e3768cf6f8476c2
Size

36KB
MD5

7f24db4994c9a08d7f4871f24dbf7c51
SHA1

42c9404666a00fefa8edd7889b03afe987a16526
SHA256

5243867d16ff5d2f480771aff2a7094737345c87d970bb4c2e3768cf6f8476c2
SHA512

14db23e9eac85c2f872860b336bb5ee84d71c37b20ff4dccd78f47f85404ada009a18990d78543a4694293283532a6e5aa677e0a65813a7f27b8869b474b9914
SSDEEP

768:8kkGbt4q7qKp6yDMIKEdQzG5h17NXR/ehu/TyzkNo2:8kkGp4CnpV3duWP7NXR24/h

Score

N/A

Malware Config

Signatures

Files

5243867d16ff5d2f480771aff2a7094737345c87d970bb4c2e3768cf6f8476c2
.dll windows x86

643bd8779541f9ed5bd300541706d8c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
GetModuleFileNameA
GetTempPathA
GetWindowsDirectoryA
GetLastError
SetFileAttributesA
VirtualProtect
CreateMutexA
OutputDebugStringA
WideCharToMultiByte
GetFileSize
ReadFile
WaitForSingleObject
CreateThread
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
MultiByteToWideChar
DeleteFileA
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
CloseHandle
Sleep
GetModuleHandleA
ExitProcess

user32

GetWindowTextA
wsprintfA
wvsprintfA
RegisterWindowMessageA
RegisterShellHookWindow
SetWindowLongA
GetClassNameA
CallWindowProcA
GetClientRect
GetDesktopWindow
GetDC
GetWindowRect
ReleaseDC
EnumWindows
GetWindowThreadProcessId
GetParent

gdi32

CreateCompatibleDC
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectA
DeleteDC
CreateCompatibleBitmap
CreateDCA
SelectObject
BitBlt
GetDeviceCaps
DeleteObject

gdiplus

GdipCloneImage
GdipAlloc
GdipFree
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdipLoadImageFromFile
GdipSaveImageToFile
GdipDisposeImage
GdiplusShutdown

ws2_32

send
connect
recv
socket
htonl
closesocket
inet_ntoa
gethostbyname
WSACleanup
WSAStartup
bind
htons
inet_addr

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile

msvcrt

rand
strrchr
time
srand
strcat
strchr
strncpy
malloc
wcscmp
??2@YAPAXI@Z
memcpy
__CxxFrameHandler
strlen
strstr
strtok
atoi
sprintf
strcmp
memset
strcpy
free
__dllonexit
_onexit
_initterm
_adjust_fdiv
_getpid
_strrev
_stricmp
_strlwr
abs

netapi32

Netbios

Exports

Exports

DriverProc
KsCreateAllocator
KsCreatePin
KsCreateTopologyNode
modMessage
modmCallback

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 542KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

643bd8779541f9ed5bd300541706d8c2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

gdiplus

ws2_32

msvcp60

wininet

msvcrt

netapi32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 542KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 542KB

.reloc
Size: 3KB - Virtual size: 3KB