5c64d2a7be702592174c8c43525bd288eb7b2a13216cadcee64c5ac63a1509e3

Sharing

Copy URL Twitter E-mail

General

Target

5c64d2a7be702592174c8c43525bd288eb7b2a13216cadcee64c5ac63a1509e3
Size

58KB
MD5

349332909650fc0668309ba78fc3b8f0
SHA1

1aa42355a48cdbf2af142e21f96a4bfd1887c4c5
SHA256

5c64d2a7be702592174c8c43525bd288eb7b2a13216cadcee64c5ac63a1509e3
SHA512

a77abaa7b7c12ec3318a3f0e2620877caeb5c9186967ac47c1aa59168d7cfb8fa2b00088ad92061b3f28a68577cd1fa300a143eb1a773657f1cb3d0c7a86a739
SSDEEP

768:DfKvRNFadIqDnSRb2HBeqNSwt0z5aZFzG7ijJwvG+IqmcK0tE6fuvm0v4NodTc6S:DfV2pRb2hZSyifQyvG+ZzfaQKhgDiY

Score

N/A

Malware Config

Signatures

Files

5c64d2a7be702592174c8c43525bd288eb7b2a13216cadcee64c5ac63a1509e3
.dll windows x86

9406150a38440eea0a47c3149ad20fdb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
Process32First
GetFileSize
CreateFileA
GetModuleFileNameA
LoadLibraryA
GetModuleHandleA
WideCharToMultiByte
MultiByteToWideChar
FindClose
FindFirstFileA
OpenProcess
GetTempPathA
GetCurrentProcess
GetProcAddress
ReleaseMutex
GetLastError
CreateMutexA
HeapAlloc
Sleep
DeleteFileA
ReadFile
SetFilePointer
IsBadReadPtr
VirtualFree
ReadProcessMemory
VirtualAlloc
VirtualQueryEx
SetThreadPriority
CreateThread
CopyFileA
GetTickCount
ExitProcess
TerminateProcess
GetPrivateProfileStringA
WritePrivateProfileStringA
lstrcatW
lstrcpyW
GetModuleFileNameW
lstrcmpiA
SetUnhandledExceptionFilter
GetLocalTime
GetProcessHeap
VirtualProtect
CreateToolhelp32Snapshot
GetCurrentProcessId
CloseHandle

user32

GetWindow
GetClassNameW
GetForegroundWindow
GetWindowTextW
GetClipboardData
wsprintfA
OpenClipboard
keybd_event
EmptyClipboard
PostMessageA
GetClassNameA
GetWindowTextA
GetDesktopWindow
CloseClipboard
FindWindowA

gdi32

CreateDCA
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
SelectObject
DeleteDC

advapi32

AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueA

msvcrt

_strlwr
_strcmpi
_wtoi
sscanf
srand
rand
wcsstr
wcsncat
wcslen
wcscpy
wcscat
mbstowcs
wcscmp
atoi
free
memset
memcpy
_except_handler3
_stricmp
strcat
strrchr
strlen
??3@YAXPAX@Z
??2@YAPAXI@Z
strstr
strcpy
strchr
sprintf
strncpy
isspace
isalnum
malloc

wsock32

connect
recv
closesocket
send
shutdown
WSAStartup
socket
htons

gdiplus

GdipCreateFont
GdipCreateSolidFill
GdipDrawRectangleI
GdipCreatePen1
GdipGraphicsClear
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipDrawString
GdipDeleteBrush
GdipDeleteFont
GdipDeleteFontFamily
GdipDeletePen
GdipDeleteGraphics
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdipAlloc
GdiplusStartup
GdipSaveImageToFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateFontFamilyFromName

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile
HttpEndRequestA
InternetConnectA
HttpOpenRequestA
HttpSendRequestExA
InternetWriteFile

shlwapi

PathRemoveFileSpecW

Exports

Exports

InstallSvr1
InstallSvr2

Sections

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9406150a38440eea0a47c3149ad20fdb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

wsock32

gdiplus

wininet

shlwapi

Exports

Exports

Sections

.bss Size: - Virtual size: 5KB

.data Size: 31KB - Virtual size: 31KB

.CRT Size: 512B - Virtual size: 4B

.vmp0 Size: 23KB - Virtual size: 22KB

.reloc Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 5KB

.data
Size: 31KB - Virtual size: 31KB

.CRT
Size: 512B - Virtual size: 4B

.vmp0
Size: 23KB - Virtual size: 22KB

.reloc
Size: 2KB - Virtual size: 1KB