0c9852014ac0831de8b0469c8e1468710656b7f6a037f041533e6600f2b8c106

Sharing

Copy URL Twitter E-mail

General

Target

0c9852014ac0831de8b0469c8e1468710656b7f6a037f041533e6600f2b8c106
Size

64KB
MD5

f4554a6b0df8b2b85c1a9aab171e22e1
SHA1

7a7884f011334217ac8d22510fdf2039802c6a65
SHA256

0c9852014ac0831de8b0469c8e1468710656b7f6a037f041533e6600f2b8c106
SHA512

fa6e44c9a0e6c993b0546f87fdb7fad857a121271b214140c9868d7cdfdff6e5f003b57664b455a7bfd3347a7fe7a71d57cf33966b5be2cf96ecf6e852feacf6
SSDEEP

1536:A9wXIdhiZ7XSTAad9KDJeGS4sSlQ1uhP6OF5I65Do7fV:UwXXlCpQ4lzcpF5Iiyf

Score

N/A

Malware Config

Signatures

Files

0c9852014ac0831de8b0469c8e1468710656b7f6a037f041533e6600f2b8c106
.dll windows x86

90a702cb505da578cc4567744cf63e64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetModuleFileNameA
LoadLibraryA
GetModuleHandleA
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
FindClose
FindFirstFileA
OpenProcess
GetTempPathA
GetCurrentProcess
ReleaseMutex
GetLastError
CreateMutexA
GetFileSize
Sleep
DeleteFileA
GetLocalTime
ReadFile
SetFilePointer
IsBadReadPtr
VirtualFree
ReadProcessMemory
VirtualAlloc
VirtualQueryEx
SetThreadPriority
CreateThread
CopyFileA
GetTickCount
GetPrivateProfileStringA
ExitProcess
TerminateProcess
WritePrivateProfileStringA
DeviceIoControl
lstrlenW
GetCurrentDirectoryA
lstrcmpiA
SetUnhandledExceptionFilter
Process32First
Process32Next
HeapAlloc
GetProcessHeap
HeapFree
VirtualProtect
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
OpenThread
GetThreadContext
SetThreadContext
CloseHandle
Thread32Next
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
AddVectoredExceptionHandler

user32

FindWindowA
GetDesktopWindow
GetWindowTextA
PostMessageA
wsprintfW
IsWindowVisible
GetWindowRect
GetDC
ReleaseDC
GetWindowTextW
GetForegroundWindow
GetClassNameW
GetWindow
wsprintfA
GetClassNameA

gdi32

CreateDCA
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC

advapi32

RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

msvcrt

wcscpy
wcslen
strstr
_strcmpi
wcsncat
wcsstr
sscanf
_vsnprintf
rand
srand
strrchr
wcstombs
wcsncpy
fwrite
_strlwr
_strupr
wcscat
mbstowcs
??2@YAPAXI@Z
memset
memcpy
_except_handler3
strcat
strlen
_itoa
_stricmp
isprint
free
malloc
strchr
sprintf
strncpy
isspace
isalnum
fclose
fread
fopen
atoi
strcpy
??3@YAXPAX@Z
wcscmp

wsock32

WSAStartup
closesocket
send
connect
shutdown
socket
recv
htons

gdiplus

GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup

Exports

Exports

pfjaoidjgfdjkj
pfjaoidjglkajd

Sections

.bss
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90a702cb505da578cc4567744cf63e64

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

wsock32

gdiplus

Exports

Exports

Sections

.bss Size: - Virtual size: 2.0MB

.data Size: 39KB - Virtual size: 38KB

.CRT Size: 512B - Virtual size: 4B

.vmp0 Size: 21KB - Virtual size: 20KB

.reloc Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 2.0MB

.data
Size: 39KB - Virtual size: 38KB

.CRT
Size: 512B - Virtual size: 4B

.vmp0
Size: 21KB - Virtual size: 20KB

.reloc
Size: 2KB - Virtual size: 2KB