c6fd0e90f3c8b803a329170c21a26afa88464df142cbdc9262037c8396365e63

Sharing

Copy URL

Twitter E-mail

General

Target

c6fd0e90f3c8b803a329170c21a26afa88464df142cbdc9262037c8396365e63
Size

110KB
MD5

c6a4ba42bdda16117ea1098e01c5147b
SHA1

7d122562bfe6c4656d124f681a0d50d100f5404d
SHA256

c6fd0e90f3c8b803a329170c21a26afa88464df142cbdc9262037c8396365e63
SHA512

1ea982859bf63702c7db0c17cfa787d74bcd7041eb2855e237f1116e72011f809695334c99aa7fbcad9acf2f9de9d8ba53213528abd83bb369fe14efc7cb1ccb
SSDEEP

1536:XIXbIMIqkuvfZ/AuwTVxsKDjirfmWHfqeyqkaUiqvic8fO89:X0fxxvfGTVaCkiqRue

Score

N/A

Malware Config

Signatures

Files

c6fd0e90f3c8b803a329170c21a26afa88464df142cbdc9262037c8396365e63
.dll windows x86

94b1b31b83541b0caf4c2392e00e045c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
SetThreadPriority
CloseHandle
Sleep
WriteFile
GetTempPathA
ReadFile
GetFileSize
CreateFileA
TerminateThread
CreateToolhelp32Snapshot
GetCurrentProcessId
TerminateProcess
CreateEventA
OpenEventA
GetCommandLineA
GetTickCount
OutputDebugStringA
GetWindowsDirectoryA
Process32Next
GetModuleHandleA
GetComputerNameA
GetVolumeInformationA
GetLocalTime
CreateProcessA
OpenProcess
GetSystemDirectoryA
GetCurrentThreadId
DeviceIoControl
ExitProcess
DisableThreadLibraryCalls
VirtualAlloc
VirtualFree
GetLastError
MultiByteToWideChar
WriteProcessMemory
VirtualProtectEx
ReadProcessMemory
SetErrorMode
GlobalAlloc
GlobalLock
LoadLibraryA
GetProcAddress
GlobalUnlock
GlobalFree
IsBadReadPtr
CreateThread
WideCharToMultiByte
GetModuleFileNameA
Process32First
GetCurrentProcess

user32

GetWindowThreadProcessId
EnumWindows
GetWindowTextA
GetMessageA
PostMessageA
wsprintfA
PostThreadMessageA
GetInputState
ClipCursor

wininet

InternetCloseHandle
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetOpenUrlW
InternetOpenW

ws2_32

inet_ntoa
getpeername

advapi32

RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegFlushKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA

netapi32

Netbios

iphlpapi

GetAdaptersInfo

msvcrt

_strlwr
strncat
time
srand
??2@YAPAXI@Z
strstr
atoi
strchr
strrchr
__CxxFrameHandler
sprintf
??3@YAXPAX@Z
wcscmp
wcslen
free
_initterm
malloc
_adjust_fdiv
_stricmp
_strupr
_strdup
abort

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94b1b31b83541b0caf4c2392e00e045c

Headers

File Characteristics

Imports

kernel32

user32

wininet

ws2_32

advapi32

netapi32

iphlpapi

msvcrt

Sections

.text Size: 92KB - Virtual size: 91KB

zdata Size: 9KB - Virtual size: 9KB

vdata Size: 1024B - Virtual size: 1024B

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 92KB - Virtual size: 91KB

zdata
Size: 9KB - Virtual size: 9KB

vdata
Size: 1024B - Virtual size: 1024B

.reloc
Size: 7KB - Virtual size: 7KB