c8ab6c06b2636145e18cc5f88c83735d7f5b1ec6d55804c7221e494b1ea33e61

Sharing

Copy URL

Twitter E-mail

General

Target

c8ab6c06b2636145e18cc5f88c83735d7f5b1ec6d55804c7221e494b1ea33e61
Size

88KB
MD5

47f9a9251d0b718b3e93c21b24a7cd4b
SHA1

213a2bd32bdaa26277eb918461b0eb8f456b4261
SHA256

c8ab6c06b2636145e18cc5f88c83735d7f5b1ec6d55804c7221e494b1ea33e61
SHA512

b57fbb9cf34a6bf19c7ba4585f63773198ac6c472e0939e2c7cec50aef0795ee55a23406b8ba4c36ca14a2c0c34ac104c01ec438f18c8c63bf02acf8f2b917ec
SSDEEP

1536:nML8BPUt7wYKwhbZMzaBTBH/oJaGjE7MrBoAl4ryxro1v:qx7BKKb/6jBrB5l4ryxro1v

Score

N/A

Malware Config

Signatures

Files

c8ab6c06b2636145e18cc5f88c83735d7f5b1ec6d55804c7221e494b1ea33e61
.dll windows x86

6b487920cd308cf81280f96eeaa66d8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
Sleep
WritePrivateProfileStringA
GetSystemDirectoryA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetTempPathA
CreateDirectoryA
MoveFileA
WriteFile
PeekNamedPipe
CreateProcessA
GetStartupInfoA
CreatePipe
GetDiskFreeSpaceExA
GetDriveTypeA
FindClose
FindNextFileA
FindFirstFileA
lstrcatA
GetVersionExA
GlobalMemoryStatus
GetFileSize
CreateRemoteThread
SetEndOfFile
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
SetFilePointer
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
ReadFile
GetTickCount
lstrlenA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetProcAddress
lstrcpyA
OpenProcess
VirtualAllocEx
VirtualFreeEx
WriteProcessMemory
GetComputerNameA
GetCurrentProcess
GetCurrentThreadId
GetModuleHandleA
CreateThread
WaitForSingleObject
SetEvent
HeapCreate
HeapDestroy
RaiseException
CloseHandle
CreateEventA
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
HeapSize
HeapAlloc
HeapReAlloc
TerminateProcess
ExitProcess
RtlUnwind
GetCommandLineA
GetVersion

user32

GetSystemMetrics
ReleaseDC
DrawIcon
GetCursorPos
IsRectEmpty
GetCursor
IsWindow
SendMessageA
MessageBoxA
DefWindowProcA
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
SetThreadDesktop
OpenDesktopA
SetProcessWindowStation
OpenWindowStationA
GetThreadDesktop
GetProcessWindowStation
CloseDesktop
CloseWindowStation
GetDC
wsprintfA

gdi32

SelectPalette
RealizePalette
GetDIBits
GetStockObject
CreateDCA
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
DeleteObject
GetObjectA

advapi32

RegQueryValueExA
LookupPrivilegeValueA
RegOpenKeyExA
AdjustTokenPrivileges
RegCloseKey
OpenProcessToken

shell32

ShellExecuteA
SHFileOperationA

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

ws2_32

recv
send
closesocket
setsockopt
connect
socket
ntohl
inet_addr
select
htonl
htons
inet_ntoa
gethostbyname
WSACloseEvent
WSAGetOverlappedResult
WSAResetEvent
WSAWaitForMultipleEvents
WSAGetLastError
WSASend
WSACreateEvent
WSAStartup

urlmon

URLDownloadToFileA

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

Exports

Exports

ConnectTo
InjectProcessConnectTo
StopClient

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b487920cd308cf81280f96eeaa66d8e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

avicap32

ws2_32

urlmon

wininet

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 14KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 14KB

.reloc
Size: 8KB - Virtual size: 5KB