b7239afb10e2ae9311f1da98283048baab5f847efebb9a3cb3acde5db3a8eeb3

Sharing

Copy URL Twitter E-mail

General

Target

b7239afb10e2ae9311f1da98283048baab5f847efebb9a3cb3acde5db3a8eeb3
Size

140KB
MD5

614515461aac56ef433114b75d26f7ce
SHA1

047c755b5ddf64dad1a05856f46e704fce419c63
SHA256

b7239afb10e2ae9311f1da98283048baab5f847efebb9a3cb3acde5db3a8eeb3
SHA512

02fb6a1ca75f8c854fff02e6192bb6ade3398fe646511265d7449d3a85c85a1b7091cc0d88d2795dba4a786073d674cd75f0b5aee1f52af8148ec23c8d7c982f
SSDEEP

3072:7g1ZcWxJ9ormCIus8JhnuV7DdZqsSqxa5SdyVXi5g:E7xvormCbscwHq795Sdyo

Score

N/A

Malware Config

Signatures

Files

b7239afb10e2ae9311f1da98283048baab5f847efebb9a3cb3acde5db3a8eeb3
.dll windows x86

09f13d3919b5224527842d789e73ac35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetLocalTime
LocalAlloc
UnmapViewOfFile
PeekNamedPipe
FindNextFileA
GetDriveTypeA
GetProcAddress
lstrcpyA
GetVersionExA
lstrcmpA
FreeLibrary
GetPrivateProfileSectionNamesA
LoadLibraryA
GetSystemInfo
InterlockedExchange
RaiseException
GetLastError

gdi32

DeleteDC
GetDIBits
CreateDIBSection
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt

advapi32

RegDeleteValueA
GetTokenInformation
LookupAccountSidA
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserA
RegDeleteKeyA
RegEnumValueA
RegEnumKeyExA
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
AdjustTokenPrivileges
RegCreateKeyExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyA
RegCloseKey
RegQueryValueA

msvcrt

realloc
wcstombs
_beginthreadex
calloc
free
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
strncat
_adjust_fdiv
__CxxFrameHandler
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
_strnset
_strrev
_except_handler3
strcmp
strcpy
strcat
memcmp
_CxxThrowException
memmove
strlen
malloc
_ftol
_strnicmp

winmm

waveOutOpen
waveOutPrepareHeader
waveInUnprepareHeader
waveOutGetNumDevs
waveInStop
waveInGetNumDevs
waveOutWrite
waveOutClose
waveOutUnprepareHeader
waveOutReset
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInReset
waveInClose

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

wininet

InternetOpenUrlA
InternetCloseHandle

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

msvfw32

ICSeqCompressFrameEnd
ICClose
ICSendMessage

psapi

EnumProcessModules
GetModuleFileNameExA

Exports

Exports

ClassInfo
ClassName
DCODELL
DMissll
MynNEG
SchoolInfo
main

Sections

.rdata
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09f13d3919b5224527842d789e73ac35

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

msvcrt

winmm

msvcp60

wininet

avicap32

msvfw32

psapi

Exports

Exports

Sections

.rdata Size: 112KB - Virtual size: 108KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 6KB

.rdata
Size: 112KB - Virtual size: 108KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 6KB