dd386851c931b748b6765c9507bd3f60c6edb75d502052929fe75db4d656c6cc

Sharing

Copy URL Twitter E-mail

General

Target

dd386851c931b748b6765c9507bd3f60c6edb75d502052929fe75db4d656c6cc
Size

144KB
MD5

446db85cc4b061cbcd24ac0fd22a4127
SHA1

c7bafe33c853290c86378e5b421dac7dbedbbe3b
SHA256

dd386851c931b748b6765c9507bd3f60c6edb75d502052929fe75db4d656c6cc
SHA512

d51dfc8eb00fc7aa9c4f580e0921b995348bb47ff6663619182c8b18fafc101efd21853f7086c2f21ad411c1d69effc4ca9b3b4204338d0613b6a792c74ba9fe
SSDEEP

3072:j6/XfqjVEi9VuP0BrVt5J9nMxwDVrPwDyY:tjFVuCrpJ5AwDVrPwD3

Score

N/A

Malware Config

Signatures

Files

dd386851c931b748b6765c9507bd3f60c6edb75d502052929fe75db4d656c6cc
.dll windows x86

1ec8390f2ad6a692f43acfff00ac7157

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
WaitForMultipleObjects
PeekNamedPipe
DisconnectNamedPipe
CreatePipe
GetStartupInfoA
GlobalSize
GlobalUnlock
GlobalAlloc
GlobalFree
GetLocalTime
SetFilePointer
LocalAlloc
UnmapViewOfFile
HeapAlloc
InitializeCriticalSection
WaitForSingleObject
GetCurrentProcess
lstrlenA
GetFileAttributesA
MoveFileA
ReadFile
GetProcAddress
RemoveDirectoryA
LocalReAlloc
FindNextFileA
LocalFree
FindClose
GetLogicalDriveStringsA
GetDriveTypeA
CreateDirectoryA
GetLastError
GetVersionExA
lstrcmpA
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
GetPrivateProfileSectionNamesA
lstrcpyA
DeleteCriticalSection
LoadLibraryA
RaiseException
InterlockedExchange

advapi32

FreeSid
GetTokenInformation
LookupAccountSidA
RegisterServiceCtrlHandlerA
SetServiceStatus
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
LsaFreeMemory
LsaOpenPolicy
LsaRetrievePrivateData
LsaClose
LookupAccountNameA
IsValidSid

msvcrt

wcstombs
_beginthreadex
calloc
??1type_info@@UAE@XZ
realloc
_onexit
_initterm
_adjust_fdiv
strncat
__CxxFrameHandler
wcscpy
_errno
strncpy
strrchr
_except_handler3
free
malloc
strchr
_CxxThrowException
memmove
strstr
_ftol
__dllonexit
_strupr
_strnicmp
_strrev
_strnset
??3@YAXPAX@Z
??2@YAPAXI@Z
_strcmpi

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

msvfw32

ICClose
ICSendMessage
ICSeqCompressFrameEnd

Exports

Exports

ClassInfo
ClassName
CodeDLL
Fuck360
SchoolInfo
ServerDll
main

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Lgnger
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ec8390f2ad6a692f43acfff00ac7157

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

msvcp60

msvfw32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 93KB

.Lgnger Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 3KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 96KB - Virtual size: 93KB

.Lgnger
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 3KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 7KB