9c6c6dea9658b2a97f5db8da8ed88614566a72b2bd9b0742bb42bcdab20d06e6

Sharing

Copy URL Twitter E-mail

General

Target

9c6c6dea9658b2a97f5db8da8ed88614566a72b2bd9b0742bb42bcdab20d06e6
Size

48KB
MD5

a5dfd7158890950443e67f1a25d1a478
SHA1

4b82151ff0fa8ddc0dcdb01794f99733a18e84b1
SHA256

9c6c6dea9658b2a97f5db8da8ed88614566a72b2bd9b0742bb42bcdab20d06e6
SHA512

1ebde04db0c83d8c597d34df2581b87ac6e007037754251ffcd1fdb1f5a78ed603acdd4c3f0521dd4ab2eb02d4065ae31fe557518a613d37a2b6e0f028280e49
SSDEEP

768:hXX3F14hQhrYoE89dAiMsBMoBNL0pptWYk5B26V7+LeUrG:hnVJ9v40RApptWYb6VSLdrG

Score

N/A

Malware Config

Signatures

Files

9c6c6dea9658b2a97f5db8da8ed88614566a72b2bd9b0742bb42bcdab20d06e6
.dll windows x86

541b91f2afdd4cadb5e2af7b073dcf6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
wsprintfA

advapi32

RegOpenKeyExA
OpenProcessToken
DuplicateToken
GetUserNameA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
SetThreadToken

ws2_32

inet_ntoa
gethostbyname
gethostname
WSAStartup
WSACleanup
recv
shutdown
send
socket
connect
WSAGetLastError
closesocket
getsockname
inet_addr
ntohs
htons

shlwapi

StrRChrA
StrChrA
StrTrimA
StrToIntA
wnsprintfA
StrStrA
wvnsprintfA
StrCmpNA

netapi32

Netbios

iphlpapi

GetAdaptersInfo

urlmon

URLDownloadToFileA

cabinet

FCIAddFile
FCIFlushFolder
FCICreate
FCIDestroy
FCIFlushCabinet

msvcrt

remove
strncpy
_initterm
_adjust_fdiv
_lseek
_close
_write
_itoa
_open
memcmp
_except_handler3
strrchr
atoi
strcmp
??2@YAPAXI@Z
??3@YAXPAX@Z
sprintf
strstr
memmove
strchr
strtok
time
srand
rand
strlen
strncmp
malloc
memcpy
_tempnam
strcpy
strcat
free
memset
_read

kernel32

GetLocalTime
GetDateFormatA
WaitForSingleObject
ReleaseMutex
CopyFileA
FileTimeToDosDateTime
CreateThread
ExitThread
CreateToolhelp32Snapshot
Process32First
Process32Next
SetFileAttributesA
GetModuleFileNameA
GetCurrentDirectoryA
SetPriorityClass
SetThreadPriority
ResumeThread
CreateProcessA
DisableThreadLibraryCalls
DeleteFileA
Sleep
GlobalMemoryStatus
FindFirstFileA
FindNextFileA
FindClose
OpenProcess
GetFileAttributesA
FileTimeToLocalFileTime
GetFileInformationByHandle
WideCharToMultiByte
LoadLibraryA
FormatMessageA
LocalFree
GetProcAddress
GetEnvironmentVariableA
GetLogicalDriveStringsA
GetVersionExA
lstrcmpA
GetComputerNameA
lstrcmpiA
GetWindowsDirectoryA
GetFileTime
SetFileTime
GetSystemDirectoryA
lstrcatA
lstrcpyA
lstrcpynA
GetTempPathA
CreateFileA
GetLastError
CloseHandle
GetFileSize
SetFilePointer
WriteFile
SetEndOfFile
ReadFile
lstrlenA

Exports

Exports

DllMain
DllTSMain
ServiceMain
SetDIPC
TStartUp

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

541b91f2afdd4cadb5e2af7b073dcf6b

Headers

File Characteristics

Imports

user32

advapi32

ws2_32

shlwapi

netapi32

iphlpapi

urlmon

cabinet

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB