c6302cb459bea9a4b9decbd763ad3fdd74c05097ee680bcca4cf65ddccec00bf

Sharing

Copy URL Twitter E-mail

General

Target

c6302cb459bea9a4b9decbd763ad3fdd74c05097ee680bcca4cf65ddccec00bf
Size

72KB
MD5

0c4fe37b5f339331892ad1108a916840
SHA1

5aabaa1e5dd0cee0c20f76b8778872bb08b06899
SHA256

c6302cb459bea9a4b9decbd763ad3fdd74c05097ee680bcca4cf65ddccec00bf
SHA512

fd4b981b8824f80c82d52874d1e6e2f8ad1b809a336d54b8e33a810016c6249fa4fa3811d274e2e546f69345d9bbc00eb525e7eef5c2724b24b70da1ca85b01d
SSDEEP

1536:Yn5TRu7HhcFmkYqLCCeSHAKY8mkZwuLgzowo/DP06b:YnpRaOeuYjj8wo/DP06

Score

N/A

Malware Config

Signatures

Files

c6302cb459bea9a4b9decbd763ad3fdd74c05097ee680bcca4cf65ddccec00bf
.dll windows x86

8e9946ad68c151120b7d8c20d752c936

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
DeviceIoControl
CreateFileA
GetCommandLineA
GetCurrentProcessId
GetModuleFileNameA
LoadLibraryW
GetSystemInfo
VirtualProtect
FlushFileBuffers
GetProcAddress
GlobalFree
GlobalAlloc
GetSystemDirectoryA
CloseHandle
Sleep
GetModuleHandleA
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
RtlUnwind
RaiseException
ExitThread
GetLastError
ResumeThread
CreateThread
GetCurrentThreadId
GetVersionExA
HeapAlloc
InterlockedExchange
VirtualQuery
HeapFree
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
IsBadWritePtr
SetFilePointer
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
LoadLibraryA
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetLocaleInfoA

user32

FindWindowA
LoadStringA
GetClassNameA
GetForegroundWindow
GetKeyState
GetWindowThreadProcessId

advapi32

ControlService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
StartServiceA
CreateServiceA

ws2_32

WSCGetProviderPath
WSCEnumProtocols

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

Exports

Exports

WSPStartup

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e9946ad68c151120b7d8c20d752c936

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

wininet

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 348B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 348B

.reloc
Size: 8KB - Virtual size: 4KB