96002a121b6df24ba7a21bb4a605c43de2e37537dc579c1107dbdb94ab779bd9

Sharing

Copy URL Twitter E-mail

General

Target

96002a121b6df24ba7a21bb4a605c43de2e37537dc579c1107dbdb94ab779bd9
Size

111KB
MD5

0a4ac905cf5ec4498fef339b0598149a
SHA1

f4cf53b575b22afb103171ff435d8a34cdc2ad71
SHA256

96002a121b6df24ba7a21bb4a605c43de2e37537dc579c1107dbdb94ab779bd9
SHA512

9f34e192f4137ddb31a52739e1194b1e739e0d165f32ae896aa688b0b134776f2ef792927979ba78f7a8e3111e94b1a5d694e8ef7a5715fe83a51d9d240b82e6
SSDEEP

1536:JGIb/ItIqkuvfZ/AuwzOWjxHUazqgwScwFSZhT2rx7X1AoO+FaPq3nKtXs6ow:JGkuxxvfGrxH028oV46Nw

Score

N/A

Malware Config

Signatures

Files

96002a121b6df24ba7a21bb4a605c43de2e37537dc579c1107dbdb94ab779bd9
.dll windows x86

8f9b6aab1f1b70e96d146414df4312cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
Sleep
WriteFile
GetTempPathA
CloseHandle
ReadFile
GetFileSize
CreateFileA
TerminateThread
CreateToolhelp32Snapshot
GetCurrentProcessId
SetThreadPriority
TerminateProcess
CreateEventA
OpenEventA
GetTickCount
OutputDebugStringA
GetCommandLineA
GetWindowsDirectoryA
Process32Next
CreateThread
GetVolumeInformationA
GetComputerNameA
GetVersionExA
GetLocalTime
CreateProcessA
OpenProcess
GetSystemDirectoryA
GetCurrentThreadId
DeviceIoControl
ExitProcess
DisableThreadLibraryCalls
VirtualAlloc
VirtualFree
MultiByteToWideChar
WriteProcessMemory
VirtualProtectEx
ReadProcessMemory
GetLastError
SetErrorMode
GetModuleHandleA
GlobalAlloc
GlobalLock
LoadLibraryA
GetProcAddress
GlobalUnlock
GlobalFree
GetModuleFileNameA
GetCurrentProcess
IsBadReadPtr
Process32First
WideCharToMultiByte

user32

GetWindowThreadProcessId
EnumWindows
GetWindowTextA
GetMessageA
PostMessageA
wsprintfA
PostThreadMessageA
GetInputState
ClipCursor

wininet

InternetCloseHandle
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetOpenW
InternetOpenUrlW

ws2_32

inet_ntoa
getpeername

advapi32

RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegFlushKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA

netapi32

Netbios

iphlpapi

GetAdaptersInfo

msvcrt

_strlwr
strncat
time
srand
??2@YAPAXI@Z
strstr
atoi
strchr
strrchr
__CxxFrameHandler
sprintf
??3@YAXPAX@Z
wcscmp
wcslen
free
_initterm
malloc
_adjust_fdiv
_stricmp
_strupr
_strdup
abort

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f9b6aab1f1b70e96d146414df4312cc

Headers

File Characteristics

Imports

kernel32

user32

wininet

ws2_32

advapi32

netapi32

iphlpapi

msvcrt

Sections

.text Size: 94KB - Virtual size: 93KB

zdata Size: 9KB - Virtual size: 9KB

vdata Size: 1024B - Virtual size: 1024B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 94KB - Virtual size: 93KB

zdata
Size: 9KB - Virtual size: 9KB

vdata
Size: 1024B - Virtual size: 1024B

.reloc
Size: 6KB - Virtual size: 5KB