a313d0840fc77136f12b034e9ff7136c9b925e4a7f5c5ebe79d5fdfc4817540a

General

Target

a313d0840fc77136f12b034e9ff7136c9b925e4a7f5c5ebe79d5fdfc4817540a
Size

19KB
MD5

03aa9be46d8973486f64f9d15d48664a
SHA1

3d3e5374c71dba2451497449765cddc40b0ba496
SHA256

a313d0840fc77136f12b034e9ff7136c9b925e4a7f5c5ebe79d5fdfc4817540a
SHA512

5cc410cc54274600ac5af39c3c01c6a18e06fecc3a8fb5caba2abeb16a8a621929200d6480fb52cbf07bba89942981540ec9399f0938f6c8382bade836aa9b59
SSDEEP

384:0LSeFeHSpHsN1yK7xpquRWNvpcAuSvyp:0VFeyp6zqDvpcdI

Score

N/A

Malware Config

Signatures

Files

a313d0840fc77136f12b034e9ff7136c9b925e4a7f5c5ebe79d5fdfc4817540a
.dll windows x86

b039409000b6b03bae1471ee45d4ac4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
WriteProcessMemory
VirtualAllocEx
FindClose
FindNextFileA
lstrcpynA
lstrcpyA
lstrcmpA
FindFirstFileA
VirtualProtectEx
Module32Next
Module32First
ReadFile
GetModuleFileNameA
VirtualFreeEx
CreateRemoteThread
GetPrivateProfileStringA
CreateThread
Sleep
IsBadReadPtr
WinExec
TerminateProcess
GetCurrentProcess
GetCurrentProcessId
OpenProcess
CreateMutexA
GetLastError
ReleaseMutex
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
GetSystemDirectoryA
lstrlenA
WaitForSingleObject
GetModuleHandleA
GetProcAddress
WriteFile
CloseHandle
GetTempPathA
GetTickCount

user32

OpenWindowStationA
wsprintfA
SetThreadDesktop
OpenDesktopA
SetProcessWindowStation

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

shlwapi

StrStrIA

wininet

InternetCloseHandle

netapi32

Netbios

msvcrt

??3@YAXPAX@Z
strcmp
_purecall
memcpy
??2@YAPAXI@Z
strstr
strncat
strcat
strlen
memset
strcpy
_itoa

Sections

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b039409000b6b03bae1471ee45d4ac4c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

wininet

netapi32

msvcrt

Sections

.bss Size: - Virtual size: 12KB

.data Size: 15KB - Virtual size: 14KB

.shared Size: 1024B - Virtual size: 784B

.reloc Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 12KB

.data
Size: 15KB - Virtual size: 14KB

.shared
Size: 1024B - Virtual size: 784B

.reloc
Size: 2KB - Virtual size: 1KB