d140e24d3220c3ad2f5a2d4631101a74a74378b4a0c0fac1f7a028ace1760e33

Sharing

Copy URL Twitter E-mail

General

Target

d140e24d3220c3ad2f5a2d4631101a74a74378b4a0c0fac1f7a028ace1760e33
Size

37KB
MD5

4e0b6c3d75c0ba65c1f5023ecae916d6
SHA1

c3f0f8b1fb065bd22fef9ce6ed0796c899f70677
SHA256

d140e24d3220c3ad2f5a2d4631101a74a74378b4a0c0fac1f7a028ace1760e33
SHA512

adfa52cdb6d173377c202398b4b9dfcd9e6eae02abc25ecf252cb4f7be6902319d77565d874f3e9f3c4e4a00239afd966464d48c287085931cc5753427b902f8
SSDEEP

768:2HTlFsAz9amBs/mOU45Y+s73suQv7dqQDRZBnyzkNG:WXsMca2245p3u07dqcRZBF

Score

N/A

Malware Config

Signatures

Files

d140e24d3220c3ad2f5a2d4631101a74a74378b4a0c0fac1f7a028ace1760e33
.dll windows x86

ae9334ae326c36cd3f32e383e910e80d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
GetModuleFileNameA
GetTempPathA
GetWindowsDirectoryA
GetLastError
SetFileAttributesA
VirtualProtect
CreateMutexA
OutputDebugStringA
IsBadReadPtr
GetFileSize
ReadFile
WaitForSingleObject
CreateThread
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
MultiByteToWideChar
DeleteFileA
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
CloseHandle
GetModuleHandleA
Sleep
ExitProcess

user32

GetWindowTextA
wsprintfA
wvsprintfA
RegisterWindowMessageA
RegisterShellHookWindow
SetWindowLongA
GetClassNameA
CallWindowProcA
GetClientRect
GetDesktopWindow
GetDC
GetWindowRect
ReleaseDC
EnumWindows
GetWindowThreadProcessId
GetParent

gdi32

CreateCompatibleDC
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectA
DeleteDC
CreateCompatibleBitmap
CreateDCA
SelectObject
BitBlt
GetDeviceCaps
DeleteObject

gdiplus

GdipCloneImage
GdipAlloc
GdipFree
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdipLoadImageFromFile
GdipSaveImageToFile
GdipDisposeImage
GdiplusShutdown

ws2_32

send
connect
recv
htonl
closesocket
WSACleanup
inet_ntoa
gethostbyname
socket
WSAStartup
bind
htons
inet_addr

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

rand
strrchr
time
srand
strchr
strncpy
malloc
wcscmp
__CxxFrameHandler
??2@YAPAXI@Z
strstr
memcpy
strncmp
strcat
atoi
sprintf
strlen
strcmp
strcpy
memset
free
__dllonexit
_onexit
_initterm
_adjust_fdiv
_strupr
_strlwr
_strrev
_stricmp
_getpid
abs

netapi32

Netbios

Exports

Exports

DriverProc
KsCreateAllocator
KsCreatePin
KsCreateTopologyNode
modMessage
modmCallback

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 543KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae9334ae326c36cd3f32e383e910e80d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

gdiplus

ws2_32

msvcp60

wininet

msvcrt

netapi32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 543KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 543KB

.reloc
Size: 4KB - Virtual size: 3KB