c569b822249c3832210038c9743e77883115fadfbad090bb9c8dc68530ec752a

Sharing

Copy URL Twitter E-mail

General

Target

c569b822249c3832210038c9743e77883115fadfbad090bb9c8dc68530ec752a
Size

60KB
MD5

7314503afe66f978b25044550221dc6b
SHA1

f29b66ee4a57c848cf9969970bfb0c6be6c8297a
SHA256

c569b822249c3832210038c9743e77883115fadfbad090bb9c8dc68530ec752a
SHA512

ced451da73a6e47fa7ac81e38dca6ac7a8240a8f81f524ec4a018e45b5ed6ba0e0021aa7c23737f6d5288b5c63aed52e8b1e7c073d00f9d6aaaff1b1fc11155a
SSDEEP

1536:mQK1QNcJMzpW4FTfJwGa5Om9pc1n7JAH:7KKcSzp59hNsyJM

Score

N/A

Malware Config

Signatures

Files

c569b822249c3832210038c9743e77883115fadfbad090bb9c8dc68530ec752a
.dll windows x86

b92484bc94d11bc3a1233ea6fa06d168

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GetSystemDirectoryA
CloseHandle
GetLastError
LoadLibraryA
Process32Next
Process32First
CreateToolhelp32Snapshot
ExitProcess
GetVersionExA
GetFileAttributesA
GetModuleFileNameA
TerminateThread
CreateThread
GetVolumeInformationA
CreateFileA
ReadFile
SystemTimeToFileTime
GetCurrentDirectoryA
LocalFileTimeToFileTime
CreateDirectoryA
SetFileTime
WriteFile
LeaveCriticalSection
HeapAlloc
GetProcessHeap
VirtualProtect
EnterCriticalSection
InitializeCriticalSection
GetTickCount
GetModuleHandleA
GetProcAddress
Sleep
SetFilePointer
lstrlenA

user32

DefWindowProcA
BeginPaint
EndPaint
PostQuitMessage
SetWindowLongA
GetSystemMetrics
MoveWindow
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
GetMessageA
TranslateMessage
DispatchMessageA
CreateWindowExA
wsprintfA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey

msvcrt

strncmp
_mbsstr
strcmp
calloc
atoi
memcmp
_stricmp
__dllonexit
_onexit
_initterm
_adjust_fdiv
strrchr
malloc
strlen
free
memcpy
realloc
strcpy
sprintf
strncpy
__CxxFrameHandler
rand
srand
strstr
memset
strcat
??3@YAXPAX@Z
??2@YAPAXI@Z

ws2_32

WSAStartup
inet_ntoa
gethostbyname
gethostname

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

userenv

LoadUserProfileA
UnloadUserProfile

shlwapi

PathAppendA

Exports

Exports

start

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b92484bc94d11bc3a1233ea6fa06d168

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

ws2_32

version

userenv

shlwapi

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 1KB