c62770bcfb2ece8aa95dd5ab34556b683787cd5c8700efab4818f9cd2be42ef4

Sharing

Copy URL Twitter E-mail

General

Target

c62770bcfb2ece8aa95dd5ab34556b683787cd5c8700efab4818f9cd2be42ef4
Size

231KB
MD5

30ede5108efd2944c3b42f537f7a4ccd
SHA1

105acfb6c1f7f6a1a86ca7c92d899829aedfad74
SHA256

c62770bcfb2ece8aa95dd5ab34556b683787cd5c8700efab4818f9cd2be42ef4
SHA512

6c936278f537ea10355fdc73fdd9174175f771b0e1d67799eb3f34d9ed53f971b824017abb6e9d0b364d2c5c9c0823c2d7744e06fcee509d4cd795b267e0a6e3
SSDEEP

6144:V3eK6hiOcqN/cFvvx93VR1Xv3j3eNloSf:V3bqiOZNUFnFR1/3iNl5

Score

N/A

Malware Config

Signatures

Files

c62770bcfb2ece8aa95dd5ab34556b683787cd5c8700efab4818f9cd2be42ef4
.dll windows x86

677f654cc7fd71bde2d308206eaa5834

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
InterlockedCompareExchange
MultiByteToWideChar
GetUserDefaultLCID
ConvertDefaultLocale
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
SetCriticalSectionSpinCount
EnterCriticalSection
SleepEx
SwitchToThread
GetLastError
GetCurrentThread
GetSystemInfo
GetVersionExW
GetSystemDirectoryW
RaiseException
WaitForSingleObjectEx
GetOverlappedResult
GetComputerNameExW
SetLastError
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
QueryPerformanceFrequency
DuplicateHandle
GetThreadTimes
VirtualQuery
TlsAlloc
TlsFree
TlsSetValue
FileTimeToLocalFileTime
SystemTimeToFileTime
GetModuleHandleA
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
DebugBreak
GetProcessHeap
HeapAlloc
HeapSize
HeapReAlloc
HeapFree
HeapValidate
VirtualAlloc
VirtualFree
HeapCreate
SetThreadIdealProcessor
HeapDestroy
HeapCompact
GlobalMemoryStatusEx
OutputDebugStringA
DeleteCriticalSection
InterlockedExchange
SetEvent
GetCurrentDirectoryW
GetFullPathNameW
GetLongPathNameW
GetFileAttributesW
GetEnvironmentVariableW
GetLocalTime
FormatMessageW
LoadLibraryExW
LocalFree
IsDebuggerPresent
OutputDebugStringW
GetStartupInfoW
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
TryEnterCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
CreateEventW
GetDiskFreeSpaceW
ReleaseSemaphore
SetThreadPriority
WaitForMultipleObjects
CreateToolhelp32Snapshot
Thread32First
Thread32Next
ReadFile
WriteFile
ReadFileScatter
WriteFileGather
GetFileAttributesExW
MoveFileExW
CopyFileW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
ChangeTimerQueueTimer
DeleteTimerQueueTimer
DeleteTimerQueueEx
CreateTimerQueue
CreateTimerQueueTimer
PulseEvent
GlobalMemoryStatus
FindResourceA
FreeResource
_llseek
_lclose
_hread
IsDBCSLeadByte
_lread
_lopen
InitializeCriticalSection
ReadProcessMemory
GetVersionExA
GetDiskFreeSpaceExW
GetLocaleInfoA
GetACP
TlsGetValue
CreateSemaphoreW
CancelIo
SetFilePointerEx
GetFileSize
GetFileInformationByHandle
FlushFileBuffers
SetEndOfFile
SetFilePointer
MoveFileW
RemoveDirectoryW
DeleteFileW
CreateDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetFileType
CreateFileW
GetSystemDirectoryA
LoadLibraryA
lstrlenW
SetThreadLocale
GetThreadLocale
ConvertThreadToFiber
ResumeThread
PostQueuedCompletionStatus
GetQueuedCompletionStatus
QueueUserWorkItem
CreateIoCompletionPort
BindIoCompletionCallback
UnregisterWait
UnregisterWaitEx
RegisterWaitForSingleObject
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
FreeLibrary
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
LoadLibraryW
LeaveCriticalSection
CloseHandle
FileTimeToSystemTime
GetTickCount
ResetEvent

ole32

CLSIDFromProgID
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitializeEx
StringFromGUID2
IIDFromString

oleaut32

VariantClear
VarBstrFromI4
SysStringByteLen
SysFreeString
SysAllocStringLen
SysStringLen
VarParseNumFromStr
VarR8FromCy
VarCyFromR8
VariantChangeTypeEx
VarPow
VarDiv
VarCyAdd
VariantChangeType
VariantCopy
VarI4FromStr
VarUI4FromStr
GetErrorInfo
VarBstrFromDate
VarBstrFromCy
VarBstrFromR8
VarBstrFromR4
VarBstrFromUI4
VarBstrFromUI2
VarBstrFromI2
VarBstrFromUI1
VarBstrFromI1
VarBstrFromBool
VariantTimeToSystemTime
SystemTimeToVariantTime
VarFormatFromTokens
VarTokenizeFormatString
SysAllocString
VarCmp
VarFix
VarMul
VarSu
VarCySu
VarAdd

secur32

LsaRegisterLogonProcess
LsaConnectUntrusted
TranslateNameW
LsaFreeReturnBuffer
LsaLookupAuthenticationPackage
LsaDeregisterLogonProcess
LsaLogonUser

ntdsapi

DsMakeSpnW

psapi

GetProcessMemoryInfo

wsock32

ntohs
getservbyport
WSAGetLastError
gethostbyname
inet_addr
htonl
ioctlsocket
getservbyname
htons
gethostbyaddr
WSAStartup
WSACleanup
WSASetLastError
socket
connect
closesocket

Sections

CODE
Size: 182KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.abss
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.atls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.shared
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

677f654cc7fd71bde2d308206eaa5834

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

secur32

ntdsapi

psapi

wsock32

Sections

CODE Size: 182KB - Virtual size: 440KB

.abss Size: - Virtual size: 472KB

.pdata Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.atls Size: 4KB - Virtual size: 4KB

.shared Size: 4KB - Virtual size: 4KB

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 25KB - Virtual size: 25KB

CODE
Size: 182KB - Virtual size: 440KB

.abss
Size: - Virtual size: 472KB

.pdata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.atls
Size: 4KB - Virtual size: 4KB

.shared
Size: 4KB - Virtual size: 4KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 25KB - Virtual size: 25KB