973e281da603e5bc27fb2c696fd6322bbdd40f03f86655cc047f23c878dbe945

General

Target

973e281da603e5bc27fb2c696fd6322bbdd40f03f86655cc047f23c878dbe945
Size

32KB
MD5

6b3d3c92082a9642a23b8e059f8c7a76
SHA1

5b068ea3b76466fcc3dfbf4a8698b04e0d95c72c
SHA256

973e281da603e5bc27fb2c696fd6322bbdd40f03f86655cc047f23c878dbe945
SHA512

67a8ef43f13ac95492d7afe44ebfdcd299c32dbc64105981c74a20c1e9b1e29ca24932e7eef680fc0c0c6d7bccfe1fc61ec2a16dc95f064875451434be121559
SSDEEP

768:S6ohKW1tAfjk4qBH2a8rmknqUmi6gob4qoapa:ODAfQDH2ayNDmb14Ia

Score

N/A

Malware Config

Signatures

Files

973e281da603e5bc27fb2c696fd6322bbdd40f03f86655cc047f23c878dbe945
.dll windows x86

a22666033366a8910129f9b9e4b2bc1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
_initterm
free
_beginthreadex
wcslen
??2@YAPAXI@Z
memset
??3@YAXPAX@Z
strncmp
memcpy
strchr
atoi
fopen
_stricmp
_strrev
_getpid
fseek
fread
fclose
strrchr
malloc
wcscmp
__CxxFrameHandler
abs
wcscpy
strstr
sprintf
strlen
strcpy
strcat

kernel32

WaitForSingleObject
GetFileSize
ExitProcess
VirtualProtect
GetModuleFileNameA
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
GetSystemDirectoryA
MultiByteToWideChar
LoadLibraryA
GetWindowsDirectoryA
CloseHandle
CreateThread
WritePrivateProfileStringA
Sleep
GetPrivateProfileStringA
WideCharToMultiByte
GetProcAddress

user32

EnumWindows
GetWindowTextA
GetWindowThreadProcessId
GetParent
GetDC
GetClientRect
GetClassNameA
ReleaseDC
GetWindowRect
GetDesktopWindow

ws2_32

send
recv
htons
inet_addr
gethostbyname
inet_ntoa
closesocket
connect
WSAStartup
socket
WSACleanup

gdi32

SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
BitBlt
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectA
DeleteDC
GetDeviceCaps
CreateDCA

gdiplus

GdipCloneImage
GdipAlloc
GdipFree
GdipGetImageEncoders
GdiplusStartup
GdipLoadImageFromFile
GdipSaveImageToFile
GdipDisposeImage
GdipGetImageEncodersSize

wininet

InternetCloseHandle
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetReadFile

Exports

Exports

AcsHlpAttemptConnection
AcsHlpNbConnection
AcsHlpNoteNewConnection
DriverProc
WSAttemptAutodialAddr
WSAttemptAutodialName
WSNoteSuccessfulHostentLookup
modMessage
modmCallback

Sections

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a22666033366a8910129f9b9e4b2bc1e

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

ws2_32

gdi32

gdiplus

wininet

Exports

Exports

Sections

.data Size: 17KB - Virtual size: 17KB

.reloc Size: 1KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 17KB

.reloc
Size: 1KB - Virtual size: 1KB