bda018d3ef80d5d625922e493e0cc223867bbb31be8f0e4ece11e91ff6523665

Sharing

Copy URL Twitter E-mail

General

Target

bda018d3ef80d5d625922e493e0cc223867bbb31be8f0e4ece11e91ff6523665
Size

144KB
MD5

020f823b60b4bfe2d04ce046041fed7a
SHA1

7d081e553c41af3ab0be7e8d4c79c346ef16035c
SHA256

bda018d3ef80d5d625922e493e0cc223867bbb31be8f0e4ece11e91ff6523665
SHA512

08229648a2b0f81075838a538f401c97901f5288528ea60afad3a2cf584e3c4830b6257d05ea28346d9b8349828498f44f1cb14ebeeda5da745eb8c2d6a3f5e7
SSDEEP

3072:j6/XfqjVEi9VuP0BrVt5J9nMxwqVrPwDyY:tjFVuCrpJ5AwqVrPwD3

Score

N/A

Malware Config

Signatures

Files

bda018d3ef80d5d625922e493e0cc223867bbb31be8f0e4ece11e91ff6523665
.dll windows x86

1ec8390f2ad6a692f43acfff00ac7157

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
WaitForMultipleObjects
PeekNamedPipe
DisconnectNamedPipe
CreatePipe
GetStartupInfoA
GlobalSize
GlobalUnlock
GlobalAlloc
GlobalFree
GetLocalTime
SetFilePointer
LocalAlloc
UnmapViewOfFile
HeapAlloc
InitializeCriticalSection
WaitForSingleObject
GetCurrentProcess
lstrlenA
GetFileAttributesA
MoveFileA
ReadFile
GetProcAddress
RemoveDirectoryA
LocalReAlloc
FindNextFileA
LocalFree
FindClose
GetLogicalDriveStringsA
GetDriveTypeA
CreateDirectoryA
GetLastError
GetVersionExA
lstrcmpA
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
GetPrivateProfileSectionNamesA
lstrcpyA
DeleteCriticalSection
LoadLibraryA
RaiseException
InterlockedExchange

advapi32

FreeSid
GetTokenInformation
LookupAccountSidA
RegisterServiceCtrlHandlerA
SetServiceStatus
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
LsaFreeMemory
LsaOpenPolicy
LsaRetrievePrivateData
LsaClose
LookupAccountNameA
IsValidSid

msvcrt

wcstombs
_beginthreadex
calloc
??1type_info@@UAE@XZ
realloc
_onexit
_initterm
_adjust_fdiv
strncat
__CxxFrameHandler
wcscpy
_errno
strncpy
strrchr
_except_handler3
free
malloc
strchr
_CxxThrowException
memmove
strstr
_ftol
__dllonexit
_strupr
_strnicmp
_strrev
_strnset
??3@YAXPAX@Z
??2@YAPAXI@Z
_strcmpi

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

msvfw32

ICClose
ICSendMessage
ICSeqCompressFrameEnd

Exports

Exports

ClassInfo
ClassName
CodeDLL
Fuck360
SchoolInfo
ServerDll
main

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Lgnger
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ec8390f2ad6a692f43acfff00ac7157

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

msvcp60

msvfw32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 93KB

.Lgnger Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 3KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 96KB - Virtual size: 93KB

.Lgnger
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 3KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 7KB