ad35195956e84d47006656577baeaa173a26523fa7fb39b1aba3b621489ea700

Sharing

Copy URL Twitter E-mail

General

Target

ad35195956e84d47006656577baeaa173a26523fa7fb39b1aba3b621489ea700
Size

68KB
MD5

af0e464d4baf3d691e8993404931eacd
SHA1

3695f4b27746591d11ca1ff4a2d903415418f878
SHA256

ad35195956e84d47006656577baeaa173a26523fa7fb39b1aba3b621489ea700
SHA512

a7becbf36ab89b2fedfa5e1a425653b552cf2f3c9e0159e062f2551764bcbe12b888377f703919d05fd8ee94116a2e2cbf1265fc4042c01f9146eeb6ca1df01c
SSDEEP

1536:ECJ/yhI8wUuaPdTYMJ5n7uriA1I6gtm6VgX:E26hIxmtCLa3tm0

Score

N/A

Malware Config

Signatures

Files

ad35195956e84d47006656577baeaa173a26523fa7fb39b1aba3b621489ea700
.dll windows x86

564f08a1b521d62d2afee5fec897e554

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
GetProcAddress
LoadLibraryA
GetModuleHandleA
Sleep
WriteFile
DeleteFileA
CloseHandle
GetLastError
CreateFileA
ReadFile
GetFileSize
GetSystemDirectoryA
PeekNamedPipe
WaitForSingleObject
CreateProcessA
CreatePipe
lstrcmpA
lstrlenA
lstrcpyA
TerminateThread
CreateThread
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetStartupInfoA
RaiseException
GetStdHandle
GetFileType
HeapFree
HeapAlloc
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentThreadId
FreeLibrary
TlsAlloc
TlsFree
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
SetHandleCount
LocalFree
GetCPInfo
GetACP
SetEnvironmentVariableA
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetFilePointer
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
FlushFileBuffers
GetOEMCP
SetStdHandle
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW

user32

wsprintfA

ws2_32

WSAStartup
gethostname
WSACleanup

oleaut32

GetErrorInfo

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

564f08a1b521d62d2afee5fec897e554

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

oleaut32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 11KB - Virtual size: 17KB

.rsrc Size: 1024B - Virtual size: 960B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 11KB - Virtual size: 17KB

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 4KB - Virtual size: 4KB