bc68adede318281802986aa6f6a7cac55048dac8a4a378616d805752bc4b580b

Sharing

Copy URL

Twitter E-mail

General

Target

bc68adede318281802986aa6f6a7cac55048dac8a4a378616d805752bc4b580b
Size

33KB
MD5

978b8a61e0a8626b7547d697164369e9
SHA1

dd61b2e3f87fe2e74c1b425ac27ef924b807cd4e
SHA256

bc68adede318281802986aa6f6a7cac55048dac8a4a378616d805752bc4b580b
SHA512

f858f591ef4cad2378917e32671053a3637a61be1e45cbf6d54752f0890bec2800ef024783e9276869b8c2e5762164644815d6de1354cdca4c0c7a747a029051
SSDEEP

768:ZDcMyZhi+IiyzAH5EA0AH0QYXCv8nIwX3iiDG:ZoMyC+Iiy8HB5LbvAyGG

Score

N/A

Malware Config

Signatures

Files

bc68adede318281802986aa6f6a7cac55048dac8a4a378616d805752bc4b580b
.dll windows x86

5fd88d13b8443c2df635013c567633b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
HeapFree
HeapAlloc
lstrlenA
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
CloseHandle
WriteFile
SetFileTime
CreateFileA
DeleteFileA
lstrcatA
ReadFile
GetFileSize
FindClose
FindNextFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SystemTimeToTzSpecificLocalTime
GetSystemTime
FileTimeToSystemTime
FindFirstFileA
GetFullPathNameA
CreateThread
GetFileTime
SetFilePointer
GetDriveTypeA
GetLogicalDriveStringsA
SetEndOfFile
Sleep
ReleaseMutex
lstrcpyA
TerminateThread
GetComputerNameA
GetVersionExA
SystemTimeToFileTime
SetCurrentDirectoryA
GetSystemDirectoryA
LoadLibraryA
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateProcessA
lstrcmpW
lstrlenW
LoadLibraryW
LocalFree
FreeLibrary
SetErrorMode
HeapCreate
InitializeCriticalSection
WaitForSingleObject
DeleteCriticalSection
HeapDestroy
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetLastError
GetSystemTimeAsFileTime
GetTickCount

user32

UnhookWindowsHookEx
SetWindowsHookExA
DispatchMessageA
GetWindowTextA
GetMessageA
CreateWindowExA
RegisterClassA
DefWindowProcA
wvsprintfA
CallNextHookEx
ToAscii
TranslateMessage
GetKeyboardState
GetForegroundWindow

advapi32

OpenProcessToken
RegCloseKey
GetUserNameA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges
RegOpenKeyExA

ole32

CoTaskMemFree
CoInitialize

msvcrt

_local_unwind2
isalpha
wcsstr
strstr
strcpy
strcat
vsprintf
_except_handler3
memcmp
strcmp
_EH_prolog
__CxxFrameHandler
??2@YAPAXI@Z
memset
memcpy
rand
srand
atoi
strchr
memmove
sprintf
??3@YAXPAX@Z

ws2_32

recv
WSAGetLastError
closesocket
connect
htons
socket
inet_addr
gethostbyname
inet_ntoa
WSAStartup
WSACleanup
send

shlwapi

StrToIntA
StrDupA
StrToIntExA

mpr

WNetEnumResourceA
WNetOpenEnumA
WNetCloseEnum

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fd88d13b8443c2df635013c567633b5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

ws2_32

shlwapi

mpr

Sections

.text Size: 27KB - Virtual size: 26KB

.data Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 27KB - Virtual size: 26KB

.data
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB