e68a6e70b27f302e5e81d6dacb43fd479fb8e360d9ee7a73ddd9b9e8d18abb76

General

Target

e68a6e70b27f302e5e81d6dacb43fd479fb8e360d9ee7a73ddd9b9e8d18abb76
Size

36KB
MD5

4198e16dc20254f49e79dc1aedf236a0
SHA1

747365e19ce9912a38b028a49ef3bb17e5924ec6
SHA256

e68a6e70b27f302e5e81d6dacb43fd479fb8e360d9ee7a73ddd9b9e8d18abb76
SHA512

41f0b6e658812536dd5894108db22830dcd5f117f171bc47da7e0b59bdc51642c2fe44ab86ccd67de961c1a500b1c06bda9106a288b23f86f41436e454b8b81b
SSDEEP

192:8uk4qabQZmvtjwbghXlzNFKYxg4+Gry4jXevLS6P4ri:8GZbQsvtkb0oUAsyeXevTs

Score

N/A

Malware Config

Signatures

Files

e68a6e70b27f302e5e81d6dacb43fd479fb8e360d9ee7a73ddd9b9e8d18abb76
.dll windows x86

1c910d65c83e594ee7d6f551fd03bbb0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

strncpy
ZwOpenProcess
_snwprintf
strchr
sscanf
_snprintf

shlwapi

StrStrIA
PathRemoveFileSpecA
StrStrIW

wininet

HttpSendRequestA
InternetSetOptionA
HttpOpenRequestA
InternetQueryOptionA
InternetCrackUrlA
InternetOpenA
InternetCloseHandle
InternetCrackUrlW
InternetConnectA

kernel32

LoadLibraryW
FlushInstructionCache
UnmapViewOfFile
GetProcAddress
MapViewOfFile
CreateFileMappingW
CreateFileW
GetModuleFileNameW
CreateThread
GetCommandLineA
OpenEventA
TerminateProcess
QueueUserWorkItem
CreateEventA
GetLastError
GetPrivateProfileIntW
WritePrivateProfileStringW
CreateFileA
GetFileSize
VirtualAlloc
ReadFile
VirtualFree
CloseHandle
Sleep
WritePrivateProfileSectionW
LoadLibraryA

advapi32

CloseServiceHandle
StartServiceA
ControlService
QueryServiceStatusEx
OpenServiceA
OpenSCManagerA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c910d65c83e594ee7d6f551fd03bbb0

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

shlwapi

wininet

kernel32

advapi32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 17KB

.reloc Size: 512B - Virtual size: 434B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 17KB

.reloc
Size: 512B - Virtual size: 434B