d7fba6d0a809febd6173920facc54ecd7139f6198cab9eb50527ef898d223b88

Sharing

Copy URL

Twitter E-mail

General

Target

d7fba6d0a809febd6173920facc54ecd7139f6198cab9eb50527ef898d223b88
Size

144KB
MD5

fa085a0cc51b2a481e88bf472d3b537e
SHA1

87bdbc2d7b5e7098c6ddd6d25a71f64599e29206
SHA256

d7fba6d0a809febd6173920facc54ecd7139f6198cab9eb50527ef898d223b88
SHA512

053519ea88403503ef29d551d086026d691cce21735b82e5917344b6dbbb2af6edad2c787958d3eafd3c23792c38cb2e929c8ba7c6c8c903c74f39d675d932a1
SSDEEP

3072:j6/XfqjVEi9VuP0BrVt5J9nMxwqVrRwDyY:tjFVuCrpJ5AwqVrRwD3

Score

N/A

Malware Config

Signatures

Files

d7fba6d0a809febd6173920facc54ecd7139f6198cab9eb50527ef898d223b88
.dll windows x86

1ec8390f2ad6a692f43acfff00ac7157

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
WaitForMultipleObjects
PeekNamedPipe
DisconnectNamedPipe
CreatePipe
GetStartupInfoA
GlobalSize
GlobalUnlock
GlobalAlloc
GlobalFree
GetLocalTime
SetFilePointer
LocalAlloc
UnmapViewOfFile
HeapAlloc
InitializeCriticalSection
WaitForSingleObject
GetCurrentProcess
lstrlenA
GetFileAttributesA
MoveFileA
ReadFile
GetProcAddress
RemoveDirectoryA
LocalReAlloc
FindNextFileA
LocalFree
FindClose
GetLogicalDriveStringsA
GetDriveTypeA
CreateDirectoryA
GetLastError
GetVersionExA
lstrcmpA
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
GetPrivateProfileSectionNamesA
lstrcpyA
DeleteCriticalSection
LoadLibraryA
RaiseException
InterlockedExchange

advapi32

FreeSid
GetTokenInformation
LookupAccountSidA
RegisterServiceCtrlHandlerA
SetServiceStatus
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
LsaFreeMemory
LsaOpenPolicy
LsaRetrievePrivateData
LsaClose
LookupAccountNameA
IsValidSid

msvcrt

wcstombs
_beginthreadex
calloc
??1type_info@@UAE@XZ
realloc
_onexit
_initterm
_adjust_fdiv
strncat
__CxxFrameHandler
wcscpy
_errno
strncpy
strrchr
_except_handler3
free
malloc
strchr
_CxxThrowException
memmove
strstr
_ftol
__dllonexit
_strupr
_strnicmp
_strrev
_strnset
??3@YAXPAX@Z
??2@YAPAXI@Z
_strcmpi

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

msvfw32

ICClose
ICSendMessage
ICSeqCompressFrameEnd

Exports

Exports

ClassInfo
ClassName
CodeDLL
Fuck360
SchoolInfo
ServerDll
main

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Lgnger
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ec8390f2ad6a692f43acfff00ac7157

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

msvcp60

msvfw32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 93KB

.Lgnger Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 3KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 96KB - Virtual size: 93KB

.Lgnger
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 3KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 7KB