fec1eb56ae065ccf6f5049b337d0704aeac56c67a6884cbc803044c30615805e

Sharing

Copy URL Twitter E-mail

General

Target

fec1eb56ae065ccf6f5049b337d0704aeac56c67a6884cbc803044c30615805e
Size

312KB
MD5

35766a0102b41e4d369500323a7e8add
SHA1

edaf7042aee8df01fd446e4d6fdd5b860856ed2e
SHA256

fec1eb56ae065ccf6f5049b337d0704aeac56c67a6884cbc803044c30615805e
SHA512

877c9460f10c9176bbc3467f7a1667e96328a4329922006edf726fc986f7b86ca5455682ec01005751a7d31699f27f25b9123c679f596b31b0d3202f51cd253a
SSDEEP

3072:HWMjaHFd3jah2GBcVL6L+f4MqNeHu0pkEjscpi6M+0vmo2RvM:HWb/3jSLcVL6igvNeHRpkEjMxXOU

Score

N/A

Malware Config

Signatures

Files

fec1eb56ae065ccf6f5049b337d0704aeac56c67a6884cbc803044c30615805e
.dll windows x86

317080698f242cf134d097649999c9df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetGetConnectedState

kernel32

Sleep
GetTimeZoneInformation
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLocalTime
GetTickCount
InterlockedExchange
CloseHandle
WaitForSingleObject
CreateProcessA
WideCharToMultiByte
GetCurrentProcess
GetProcAddress
LoadLibraryA
CreateMutexA
OpenMutexA
CreateThread
lstrcpynA
SetThreadPriority
GetCurrentThread
Process32Next
lstrcpyA
GetCurrentProcessId
Process32First
GlobalAddAtomA
MoveFileExA
WriteFile
SetFilePointer
GetStdHandle
CreateFileA
GetSystemTime
AllocConsole
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
lstrlenA
IsBadWritePtr
ResumeThread
SetThreadContext
GetThreadContext
GetModuleHandleA
_lclose
_lwrite
_lcreat
_lread
GetFileSize
_lopen
ReleaseMutex
GetLastError
GetModuleFileNameA
GlobalFindAtomA
GetSystemDirectoryA
CreateEventA
GetVersionExA
WaitForMultipleObjects
PulseEvent
ExitThread
VirtualAlloc
VirtualFree
HeapFree
HeapAlloc
GetProcessHeap
lstrcmpiA
SetStdHandle
GetOEMCP
GetACP
HeapReAlloc
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
lstrcatA
OpenProcess
SetEnvironmentVariableA
CreateToolhelp32Snapshot
Module32First
Module32Next
ReadProcessMemory
VirtualProtectEx
WriteProcessMemory
RaiseException
FlushFileBuffers
GetLocaleInfoW
CompareStringA
CompareStringW
UnmapViewOfFile
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
UnhandledExceptionFilter
SetConsoleCtrlHandler
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
TerminateProcess
HeapValidate
IsBadReadPtr
LCMapStringW
LCMapStringA
MultiByteToWideChar
FatalAppExitA
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
DebugBreak
OutputDebugStringA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess

user32

GetWindowThreadProcessId
FindWindowA
CallNextHookEx
CharLowerA
wvsprintfA
SetWindowsHookExA

advapi32

CryptAcquireContextA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptGenRandom
CryptReleaseContext

ole32

CoInitialize
CoCreateGuid
CoUninitialize

ws2_32

gethostname
WSAGetLastError
send
inet_ntoa
inet_addr
gethostbyname
closesocket
connect
htons
socket
WSAStartup
ntohs
recv
select
sendto
gethostbyaddr

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

317080698f242cf134d097649999c9df

Headers

File Characteristics

Imports

wininet

kernel32

user32

advapi32

ole32

ws2_32

iphlpapi

Sections

.text Size: 264KB - Virtual size: 263KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 19KB

.idata Size: 8KB - Virtual size: 5KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 264KB - Virtual size: 263KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 19KB

.idata
Size: 8KB - Virtual size: 5KB

.reloc
Size: 12KB - Virtual size: 8KB