a889cbcc2169ac5be78760c885643a6b53345afb9105dbff1c32e0015617de24

General

Target

a889cbcc2169ac5be78760c885643a6b53345afb9105dbff1c32e0015617de24
Size

15KB
MD5

56334aec15f74694af390ec0c1cf7a2d
SHA1

06fa343afed4051a4d81176e831ec55e50f703c7
SHA256

a889cbcc2169ac5be78760c885643a6b53345afb9105dbff1c32e0015617de24
SHA512

e7edad7b3bb09123c222e36669b4f937e486a83414fcb62b401bf5c354886ffad4f7af191ca8ec738cb17f5fe25f43271dd11e0fc14f41dc31e33b21105b3d7b
SSDEEP

192:K/JvlLiJNByx3yoqK2nx2IHqDk2DfWW3GnvzGrTHNOB9E7PJTOk5:2JN+J78qVKDBLWyGvzeTH4Bu7PJq

Score

N/A

Malware Config

Signatures

Files

a889cbcc2169ac5be78760c885643a6b53345afb9105dbff1c32e0015617de24
.dll windows x86

996545169671306554a5dd5ddf4b13b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
VirtualAllocEx
FindClose
FindNextFileA
lstrcpynA
lstrcpyA
lstrcmpA
FindFirstFileA
VirtualProtectEx
Module32Next
Module32First
ReadFile
GetModuleFileNameA
CreateThread
VirtualFreeEx
GetPrivateProfileStringA
LoadLibraryA
WinExec
TerminateProcess
GetCurrentProcess
GetCurrentProcessId
OpenProcess
CreateMutexA
GetLastError
ReleaseMutex
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
GetSystemDirectoryA
lstrlenA
CreateRemoteThread
WaitForSingleObject
GetModuleHandleA
GetProcAddress
WriteFile
CloseHandle
GetTempPathA
Sleep
GetTickCount

user32

wsprintfA
GetWindowThreadProcessId
EnumWindows
SetThreadDesktop
OpenDesktopA
SetProcessWindowStation
OpenWindowStationA

gdi32

CreateFontIndirectA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

shlwapi

StrStrIA

wininet

InternetCloseHandle

msvcrt

_itoa
_purecall
memcpy
strcmp
??2@YAPAXI@Z
strstr
strncat
strcat
strlen
memset
strcpy
??3@YAXPAX@Z

Sections

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

996545169671306554a5dd5ddf4b13b9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

wininet

msvcrt

Sections

.bss Size: - Virtual size: 12KB

.data Size: 12KB - Virtual size: 11KB

.reloc Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 11KB

.reloc
Size: 2KB - Virtual size: 1KB