eb62b3fce9608c276f3666e34c037aa9c34947c413f19a32bef97523c2149b0d

Sharing

Copy URL Twitter E-mail

General

Target

eb62b3fce9608c276f3666e34c037aa9c34947c413f19a32bef97523c2149b0d
Size

31KB
MD5

0a9beb184084986a9e57fb76600dfb94
SHA1

1891178664aae34a247ef0f93ad999952e8c035f
SHA256

eb62b3fce9608c276f3666e34c037aa9c34947c413f19a32bef97523c2149b0d
SHA512

17df10132e68aa2916c63577fbd42ea3a7b0121e962c4fa8274aa76dc7e475289b43364767669519de1b2425966abbf4b4c806b9ee4860e7e85b1e0c332f860a
SSDEEP

384:cVbUjcBGdNPYjegqe9pJ7sFRny0jTqJ9/q5EhvQYlEmbjy2vZZNrlGsoteCVFutO:cs4qeyDnE/qWiOBrlGsoomQyo

Score

N/A

Malware Config

Signatures

Files

eb62b3fce9608c276f3666e34c037aa9c34947c413f19a32bef97523c2149b0d
.dll windows x86

671300321554707e4a35d9f97ac3711d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
WriteFile
ReadFile
CreateFileA
SetFilePointer
CloseHandle
GetFileSize
SetLastError
LeaveCriticalSection
DeleteFileA
HeapDestroy
HeapReAlloc
FindClose
FindNextFileA
SystemTimeToTzSpecificLocalTime
GetSystemTime
EnterCriticalSection
FindFirstFileA
HeapFree
FileTimeToSystemTime
CreateThread
GetDriveTypeA
GetLogicalDriveStringsA
lstrlenW
GetProcAddress
SetEndOfFile
Sleep
ReleaseMutex
CreateMutexA
TerminateThread
lstrcmpA
HeapSize
Process32Next
Process32First
lstrlenA
CreateProcessA
TerminateProcess
OpenProcess
LocalFree
HeapAlloc
GetFullPathNameA
HeapCreate
GetLastError
InitializeCriticalSection
LoadLibraryA
WaitForSingleObject
FreeLibrary
DeleteCriticalSection
GetCurrentProcess
GetFileAttributesA
GetFileTime
CreateToolhelp32Snapshot

user32

ExitWindowsEx
CharUpperA
wvsprintfA

advapi32

RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegQueryInfoKeyA
AdjustTokenPrivileges
RegDeleteValueA

ole32

CoInitialize
CoTaskMemFree

ws2_32

gethostbyname
inet_addr
socket
htons
connect
closesocket
WSAGetLastError
recv
send
WSAStartup
WSACleanup

wininet

InternetGetConnectedState

shlwapi

StrToIntExA
StrDupA
StrToIntA

msvcrt

_local_unwind2
vsprintf
rand
srand
_adjust_fdiv
malloc
_initterm
free
isalpha
strstr
strchr
??3@YAXPAX@Z
_except_handler3
memmove
sprintf
__CxxFrameHandler
??2@YAPAXI@Z
atoi

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

671300321554707e4a35d9f97ac3711d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ws2_32

wininet

shlwapi

msvcrt

Sections

.text Size: 23KB - Virtual size: 22KB

.data Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 22KB

.data
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB