c3a478b764c6952b08b9180c4d78b73cd9ea41f2b522e0d462f7cb011d673063

Sharing

Copy URL Twitter E-mail

General

Target

c3a478b764c6952b08b9180c4d78b73cd9ea41f2b522e0d462f7cb011d673063
Size

147KB
MD5

e269c6a166843265390d4aad1042579b
SHA1

9dca74b2591c4c7e804793617822bdf7eba9f481
SHA256

c3a478b764c6952b08b9180c4d78b73cd9ea41f2b522e0d462f7cb011d673063
SHA512

cf2b5ab51b578f4aaa4367b1b2cc28e756b408f394360344b0964701f21eb672f6d46b073a0fce78ef21604a6bad59f6e9b5e0f0174afaf992d3382967ee4611
SSDEEP

3072:3g7y2iDGPrBVUT4RZOrtVFS3e71kdKwEJ2suLCeB90ukLZz7:w7/iDGz8Ta6tLie71kdKwEJLyzklf

Score

N/A

Malware Config

Signatures

Files

c3a478b764c6952b08b9180c4d78b73cd9ea41f2b522e0d462f7cb011d673063
.dll windows x86

2aadabdb6a7ee9aab3bea6e45a84d6ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
FreeLibrary
TerminateThread
Sleep
WaitForSingleObject
SetEvent
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
ResetEvent
InterlockedExchange
GetLocalTime
GetCurrentProcessId
HeapAlloc
lstrlenA
GetDiskFreeSpaceExA
GetFileSize
SetFilePointer
CloseHandle
MapViewOfFile
CreateFileMappingA
HeapFree
UnmapViewOfFile
GetModuleHandleA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetStartupInfoA
TerminateProcess
GetCurrentThreadId
GetSystemInfo
OpenEventA
ExpandEnvironmentStringsA
GetLastError
RaiseException
LocalAlloc

msvcrt

strstr
memcmp
_CxxThrowException
rand
strcpy
sprintf
strncpy
free
malloc
_except_handler3
strcmp
strrchr
strlen
_beginthreadex
atoi
wcstombs
_access
srand
calloc
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
_ftol
ceil
putchar
memmove
__CxxFrameHandler
strcat
puts
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
memcpy
_strrev
_stricmp

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

Exports

Exports

EndWork
Runing
SONGMain
Working

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2aadabdb6a7ee9aab3bea6e45a84d6ac

Headers

File Characteristics

Imports

kernel32

msvcrt

msvcp60

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB