7d7d5efddd58a006ae95322123667dca2e53b89d12e1a8995266abf81552db2b

Sharing

Copy URL Twitter E-mail

General

Target

7d7d5efddd58a006ae95322123667dca2e53b89d12e1a8995266abf81552db2b
Size

375KB
MD5

f45e0798a16950053b1c43c823859ff0
SHA1

3eea6420d4930d8789ba32a2d5c2bf38ad0ff424
SHA256

7d7d5efddd58a006ae95322123667dca2e53b89d12e1a8995266abf81552db2b
SHA512

b1c763b66b8b92ec901b8cf223c02dab14412bda1271347be03d1990d78ee72346cdce7bf64b55a5a1bc8d9f4f98fd3a726c24f1cf8a9340668df1837fe15f66
SSDEEP

6144:yzBs1esxBwS/Vg0Gf7Ox+5VTHv2RrJCEtAZ8TBb4o7TNYfUPS72748yb8dpwlUPj:bV+7OkvzeRlCoAZ8TNrGc748ybxl2Ej

Score

N/A

Malware Config

Signatures

Files

7d7d5efddd58a006ae95322123667dca2e53b89d12e1a8995266abf81552db2b
.dll windows x86

e6c333b4b5eaf0d70a4ce5a7c9d0ff8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
MoveFileExA
GetExitCodeThread
CreateThread
GetCurrentThreadId
SystemTimeToFileTime
GetSystemTime
DeleteFileA
GetModuleFileNameA
GetFileSize
CreateFileA
GetTempFileNameA
GetTempPathA
WriteFile
GetWindowsDirectoryA
GetVersionExA
QueryDosDeviceA
DefineDosDeviceA
GetCurrentProcess
HeapReAlloc
GetOverlappedResult
LoadLibraryA
GetProcAddress
GetSystemDirectoryA
Sleep
CloseHandle
GetLastError
FreeLibrary
ResetEvent
SetEvent
CreateEventA
IsBadReadPtr
ReleaseSemaphore
WaitForSingleObject
ReleaseMutex
HeapFree
GetProcessHeap
HeapAlloc
ReadFile
CreateMutexA
DeviceIoControl
GetVolumeInformationA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
InitializeCriticalSection
SetFilePointer
IsBadCodePtr
SetEndOfFile
SetUnhandledExceptionFilter
GetLocaleInfoA
ExitProcess
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
TerminateProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection

user32

wsprintfA

advapi32

AddAce
RegDeleteValueA
InitializeSecurityDescriptor
OpenProcessToken
GetTokenInformation
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
AllocateAndInitializeSid
GetLengthSid
RegEnumKeyExA
IsValidSecurityDescriptor
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

dnsapi

DnsRecordListFree
DnsQuery_A

ws2_32

WSAStartup
WSASend
WSASocketA
WSACreateEvent
WSAEventSelect
htons
gethostname
WSARecv
WSACloseEvent
WSAGetOverlappedResult
WSAGetLastError
shutdown
setsockopt
closesocket
WSAConnect
WSAEnumNetworkEvents

iphlpapi

GetIpAddrTable

Exports

Exports

mlmain

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6c333b4b5eaf0d70a4ce5a7c9d0ff8d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

dnsapi

ws2_32

iphlpapi

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 120KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 4KB - Virtual size: 10KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 124KB - Virtual size: 120KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 4KB - Virtual size: 10KB

.reloc
Size: 12KB - Virtual size: 8KB