f779fa84e1c4e699b803d3a6195500d7dd19798799424d8b74a6e4697417b47d

Sharing

Copy URL Twitter E-mail

General

Target

f779fa84e1c4e699b803d3a6195500d7dd19798799424d8b74a6e4697417b47d
Size

23KB
MD5

8ca640d26b0aeeeef68b90f4c7f9e6ed
SHA1

839f3f063b0f0e2f5aaea207e59ee5ca2e2bd17b
SHA256

f779fa84e1c4e699b803d3a6195500d7dd19798799424d8b74a6e4697417b47d
SHA512

39391abc581cd461fe18885bf6ee4cda54c66203f69a062f35c1322944ee37b44cb92ab36eb16e55545fb5c67e4a662b93f5cb1ebb398857a85bcf20c05f2b08
SSDEEP

384:LZvWyD6pY09rMfsJpnzt2Ad5eDmm54l/93vtjL/+fMqR9+kF:B3D6pYEYfsPnh2A04dRdoek

Score

N/A

Malware Config

Signatures

Files

f779fa84e1c4e699b803d3a6195500d7dd19798799424d8b74a6e4697417b47d
.dll windows x86

8fd17c9d15ab9ba02de6574f48d84530

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
ReleaseMutex
FreeLibraryAndExitThread
CreateThread
GetModuleFileNameA
DisableThreadLibraryCalls
InitializeSListHead
InterlockedPushEntrySList
InterlockedPopEntrySList
ExitProcess
VirtualFree
VirtualProtect
VirtualAlloc
Process32Next
WaitForSingleObject
CreateToolhelp32Snapshot
Module32Next
Module32First
GetCurrentProcessId
VirtualQuery
GetSystemInfo
GetProcAddress
CreateProcessA
WriteFile
CreateFileA
GetShortPathNameA
GetTempFileNameA
GetTempPathA
GetVersionExA
LoadLibraryA
OpenMutexA
Sleep
GetModuleHandleA
GetCurrentProcess
CreateEventA
PulseEvent
Process32First
CloseHandle

user32

GetWindowThreadProcessId
GetClassNameA
GetWindowTextA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
EnumDesktopWindows

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyA
RegCloseKey

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

wininet

InternetConnectA
HttpAddRequestHeadersA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
DeleteUrlCacheEntry
InternetOpenA
InternetCrackUrlA
HttpOpenRequestA

urlmon

URLDownloadToFileA

ws2_32

setsockopt
WSACleanup
closesocket

msvcrt

__CxxFrameHandler
_adjust_fdiv
_initterm
_onexit
__dllonexit
fopen
fgets
fclose
_ismbcspace
_mbsinc
memmove
abs
memcmp
sprintf
_mbsnbicmp
malloc
free
strcpy
_mbsstr
printf
_mbscmp
_mbsnbcpy
_mbsupr
memcpy
??2@YAPAXI@Z
atoi
_mbsicmp
_mbstok
strcat
_mbschr
_memicmp
_mbsrchr
memset
_snprintf
strlen
_ismbcprint

psapi

GetModuleInformation

Exports

Exports

_DllMain@12

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fd17c9d15ab9ba02de6574f48d84530

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcp60

wininet

urlmon

ws2_32

msvcrt

psapi

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.reloc
Size: 1KB - Virtual size: 1KB