9814f4c86e4a5d8b61fc370a033c8d062bee778b3d750c8b328b0b2628adbc07

Sharing

Copy URL Twitter E-mail

General

Target

9814f4c86e4a5d8b61fc370a033c8d062bee778b3d750c8b328b0b2628adbc07
Size

111KB
MD5

01ec776d9f9214d9bd17ed6b46535bc9
SHA1

80820264ad771395207959704708896e8b9fdd6b
SHA256

9814f4c86e4a5d8b61fc370a033c8d062bee778b3d750c8b328b0b2628adbc07
SHA512

a597fd2071d0a4a69f53449d6dcdf4d9af7144ccf7771adfbb9f2a976f8cd64ba8390659ae608737a6631f851315e9885961a1248c98a4d859497cf85bb891cc
SSDEEP

1536:rwGIb/ItIqkuvfZ/AuwzOWjxHUazqgwScwFSZhT2rx7X1AoO+FaPq3nKtXs6ow:MGkuxxvfGrxH028oV46Nw

Score

N/A

Malware Config

Signatures

Files

9814f4c86e4a5d8b61fc370a033c8d062bee778b3d750c8b328b0b2628adbc07
.dll windows x86

8f9b6aab1f1b70e96d146414df4312cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
Sleep
WriteFile
GetTempPathA
CloseHandle
ReadFile
GetFileSize
CreateFileA
TerminateThread
CreateToolhelp32Snapshot
GetCurrentProcessId
SetThreadPriority
TerminateProcess
CreateEventA
OpenEventA
GetTickCount
OutputDebugStringA
GetCommandLineA
GetWindowsDirectoryA
Process32Next
CreateThread
GetVolumeInformationA
GetComputerNameA
GetVersionExA
GetLocalTime
CreateProcessA
OpenProcess
GetSystemDirectoryA
GetCurrentThreadId
DeviceIoControl
ExitProcess
DisableThreadLibraryCalls
VirtualAlloc
VirtualFree
MultiByteToWideChar
WriteProcessMemory
VirtualProtectEx
ReadProcessMemory
GetLastError
SetErrorMode
GetModuleHandleA
GlobalAlloc
GlobalLock
LoadLibraryA
GetProcAddress
GlobalUnlock
GlobalFree
GetModuleFileNameA
GetCurrentProcess
IsBadReadPtr
Process32First
WideCharToMultiByte

user32

GetWindowThreadProcessId
EnumWindows
GetWindowTextA
GetMessageA
PostMessageA
wsprintfA
PostThreadMessageA
GetInputState
ClipCursor

wininet

InternetCloseHandle
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetOpenW
InternetOpenUrlW

ws2_32

inet_ntoa
getpeername

advapi32

RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegFlushKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA

netapi32

Netbios

iphlpapi

GetAdaptersInfo

msvcrt

_strlwr
strncat
time
srand
??2@YAPAXI@Z
strstr
atoi
strchr
strrchr
__CxxFrameHandler
sprintf
??3@YAXPAX@Z
wcscmp
wcslen
free
_initterm
malloc
_adjust_fdiv
_stricmp
_strupr
_strdup
abort

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f9b6aab1f1b70e96d146414df4312cc

Headers

File Characteristics

Imports

kernel32

user32

wininet

ws2_32

advapi32

netapi32

iphlpapi

msvcrt

Sections

.text Size: 94KB - Virtual size: 93KB

zdata Size: 9KB - Virtual size: 9KB

vdata Size: 1024B - Virtual size: 1024B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 94KB - Virtual size: 93KB

zdata
Size: 9KB - Virtual size: 9KB

vdata
Size: 1024B - Virtual size: 1024B

.reloc
Size: 6KB - Virtual size: 5KB