95751d463a064a90c6c3334d6d31dad14bc17082617935c48be2a29d6522a52e

Sharing

Copy URL Twitter E-mail

General

Target

95751d463a064a90c6c3334d6d31dad14bc17082617935c48be2a29d6522a52e
Size

118KB
MD5

bffe86f5ce68f2b4ef4f702bc8aa805a
SHA1

8b916cce83c7fb312f805b58f6fa583f4101ef69
SHA256

95751d463a064a90c6c3334d6d31dad14bc17082617935c48be2a29d6522a52e
SHA512

459fdccb4631c46b37b5a783b9ca82bab9ff9eb93245f18b78f62116bfe2f01854684d282d6f45206fa6445a10a338409c357fcd8a2bd74e7858fa4a00beed0a
SSDEEP

1536:B6ihjfA6PnhH4bdeH7wN/E2ozB6BPJCqFKNHWJGm1cEU7ztptk/:gERPZ4bdeI34M0JRtptk/

Score

N/A

Malware Config

Signatures

Files

95751d463a064a90c6c3334d6d31dad14bc17082617935c48be2a29d6522a52e
.dll windows x86

c99045497c034349322ce8d802d5f22b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetModuleFileNameA
MoveFileExA
InitializeCriticalSection
CreateFileA
DeleteCriticalSection
GetSystemTime
EnterCriticalSection
SystemTimeToFileTime
LeaveCriticalSection
ReadFile
CloseHandle
GetTickCount
WriteFile
GetCurrentProcess
FreeLibrary
GetExitCodeThread
SetEvent
CreateEventW
ExitThread
GetCurrentProcessId
GetLastError
CreateThread
ResetEvent
WaitForSingleObject
InterlockedIncrement
DebugBreak
GetVersionExW
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
ExpandEnvironmentStringsA
CreateIoCompletionPort
WaitForMultipleObjectsEx
ReleaseSemaphore
CreateSemaphoreW
GetQueuedCompletionStatus
PostQueuedCompletionStatus
GetSystemInfo
WaitForSingleObjectEx
ExpandEnvironmentStringsW
HeapAlloc
HeapFree
WideCharToMultiByte
LoadLibraryW
HeapDestroy
HeapCreate
InterlockedDecrement
TlsAlloc
TlsSetValue
TlsFree
Sleep
TlsGetValue
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
SetLastError
HeapSize
ExitProcess
RaiseException
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime

user32

UnregisterClassW
PostQuitMessage
GetMessageW
TranslateMessage
DestroyWindow
DispatchMessageW
DefWindowProcW
RegisterClassW
CreateWindowExW
IsWindow
PostMessageW
CharLowerA

ole32

StringFromGUID2

ws2_32

inet_addr
htons
WSAStartup
WSAGetLastError
WSASetLastError
WSCInstallProvider
WSCWriteProviderOrder
WSCGetProviderPath
WSCDeinstallProvider
WPUCompleteOverlappedRequest
WSCEnumProtocols
WSACleanup

rpcrt4

UuidCreate

psapi

GetModuleBaseNameA

Exports

Exports

GetLspGuid
InstallLspDll
WSPStartup

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c99045497c034349322ce8d802d5f22b

Headers

File Characteristics

Imports

kernel32

user32

ole32

ws2_32

rpcrt4

psapi

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 6KB - Virtual size: 12KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 6KB - Virtual size: 12KB

.reloc
Size: 8KB - Virtual size: 8KB