54b4ba7302db115c00c44edd9171bba29c063617e4e847033893ba939ecd18f4

Sharing

Copy URL Twitter E-mail

General

Target

54b4ba7302db115c00c44edd9171bba29c063617e4e847033893ba939ecd18f4
Size

51KB
MD5

ecb678f4fce9258ffbb3c74e220f9dc0
SHA1

265b5fb618281d81b1bb2c7ce96b531d244df9d5
SHA256

54b4ba7302db115c00c44edd9171bba29c063617e4e847033893ba939ecd18f4
SHA512

4ab97d60cea7e5c9e08fbc9dc8e2be5f9bfb30eac9c7b31e7936c59d7c642edbecbc2d170df25324432007a496d8c01268c453d10145af15ac5ce49803dea1cd
SSDEEP

1536:x2P+iDs7JQhC2uvJgPcsIyZairPLNrzh8:x2PV5hZaidrzh8

Score

N/A

Malware Config

Signatures

Files

54b4ba7302db115c00c44edd9171bba29c063617e4e847033893ba939ecd18f4
.dll windows x86

859198f8661fe6fc06d8b7ad8e13dc9c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
CreateThread
InitializeCriticalSection
GetFileSize
CreateFileA
GetFileAttributesA
FindClose
DeleteFileA
GetLastError
FindNextFileA
SetLastError
lstrcmpA
FindFirstFileA
lstrcatA
GetEnvironmentVariableA
lstrcpyA
GetSystemDirectoryA
GetModuleHandleA
ReadFile
EnterCriticalSection
CloseHandle
TerminateThread
TerminateProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
SetFileAttributesA
Module32First
VirtualFree
VirtualAlloc
GetTickCount
IsBadStringPtrA
LocalFree
Sleep
LoadLibraryA
GetProcAddress
GetVersionExA
GetCurrentThread
SetThreadPriority
lstrlenA
ExitThread
lstrcmpiA
CreateProcessA

user32

wsprintfA
IsCharAlphaNumericA

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumValueA
RegOpenKeyA
RegQueryValueExA
RegCloseKey

msvcrt

malloc
time
rand
strstr
sscanf
realloc
sprintf
isspace
atoi
strchr
free
fwprintf
??3@YAXPAX@Z
??2@YAPAXI@Z
fgets
fclose
fputs
fopen
fwrite
floor
_ftol
tolower
atol
fputc
srand
system
__CxxFrameHandler
fprintf
wcslen
_strdup
wcsstr
_initterm
_adjust_fdiv
_CxxThrowException
_strnicmp
??1type_info@@UAE@XZ

ws2_32

recv
WSAStartup
bind
listen
inet_ntoa
ntohl
getpeername
recvfrom
htonl
getsockname
WSAAccept
shutdown
WSASocketA
setsockopt
sendto
send
socket
ioctlsocket
connect
WSAGetLastError
select
__WSAFDIsSet
closesocket
inet_addr
gethostbyname
htons

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

oleaut32

GetErrorInfo

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

859198f8661fe6fc06d8b7ad8e13dc9c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

ws2_32

wininet

oleaut32

Sections

.text Size: 37KB - Virtual size: 36KB

.data Size: 5KB - Virtual size: 1.1MB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 37KB - Virtual size: 36KB

.data
Size: 5KB - Virtual size: 1.1MB

.reloc
Size: 6KB - Virtual size: 5KB