1f04048623c2f23866469a90f49873c5810e94fc6d80bedcc2c3061285db8f10

Sharing

Copy URL Twitter E-mail

General

Target

1f04048623c2f23866469a90f49873c5810e94fc6d80bedcc2c3061285db8f10
Size

68KB
MD5

5b0850090e7ee8cbe73fb7c86dc8a990
SHA1

515b93d7fb68dde333dc48243190e0e417a2cd68
SHA256

1f04048623c2f23866469a90f49873c5810e94fc6d80bedcc2c3061285db8f10
SHA512

a6ba4ba68bb1a92b62dcf6d4d44b3d75edceba81af511dfc4363aa39096a1d3ebad60620418cf7709766b7742d906b6987a330d0c324c61ffdb9f07fb01b0693
SSDEEP

1536:NZv2gG3TbxLWKejd+0drD019uOmmmMbEKex49pVO9L:fv2gG3RL4js0pDKnEEEL

Score

N/A

Malware Config

Signatures

Files

1f04048623c2f23866469a90f49873c5810e94fc6d80bedcc2c3061285db8f10
.dll windows x86

573583c77c0912015c35017c89e5aa93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
GetFullPathNameW
CreateProcessA
GetPrivateProfileIntA
WritePrivateProfileStringA
MoveFileA
GetLocaleInfoA
GetSystemDefaultLCID
LocalFree
MultiByteToWideChar
GetLocalTime
GetTempPathA
WritePrivateProfileStringW
GlobalUnlock
MoveFileExW
GlobalFree
GlobalAlloc
WideCharToMultiByte
GetShortPathNameW
GetFileSize
LoadLibraryA
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
GetVersionExA
GetCurrentProcess
GlobalLock
CloseHandle

shell32

SHGetFolderPathW

ole32

GetHGlobalFromStream
CoCreateInstance
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoInitialize

user32

GetSystemMetrics
ExitWindowsEx
GetDC

ws2_32

gethostbyname
socket
connect
send
recv
WSAStartup
htons
ioctlsocket
closesocket
WSAGetLastError
select

advapi32

AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueA

xpcom

NS_StringGetData
NS_CStringContainerFinish
NS_CStringGetData
NS_GetComponentManager
NS_CStringCloneData
NS_UTF16ToCString
NS_CStringContainerInit
NS_StringContainerInit
NS_StringContainerInit2
NS_StringContainerFinish
NS_CStringSetData
NS_GetServiceManager
NS_Alloc
NS_Free

msvcrt

??3@YAXPAX@Z
_ltoa
_itoa
_stat
_adjust_fdiv
_initterm
memcpy
iswdigit
towupper
isdigit
toupper
wcslen
srand
rand
_stricmp
_strcmpi
_snprintf
_strnicmp
free
malloc
_wremove
??2@YAPAXI@Z
_wcsnicmp
wcscpy
sprintf
__CxxFrameHandler
fclose
strncpy
time
fread
fseek
fopen
fflush
fwrite
tmpnam
strtok
rewind
_unlink
strrchr
strchr
_wtoi
_wcsicmp
wcscat
wcstok

Exports

Exports

NSGetModule
NSModule

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 836B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

573583c77c0912015c35017c89e5aa93

Headers

File Characteristics

Imports

kernel32

shell32

ole32

user32

ws2_32

advapi32

xpcom

msvcrt

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 49KB

.bss Size: - Virtual size: 836B

.edata Size: 4KB - Virtual size: 93B

.xdata Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 52KB - Virtual size: 49KB

.bss
Size: - Virtual size: 836B

.edata
Size: 4KB - Virtual size: 93B

.xdata
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB