dc414f5287bea40502f9f3e30b0af99aeed57b90a80faf6038340f7b2c69e0e7

Sharing

Copy URL Twitter E-mail

General

Target

dc414f5287bea40502f9f3e30b0af99aeed57b90a80faf6038340f7b2c69e0e7
Size

22.4MB
MD5

8d722443a54eadf9031806d6df068e3e
SHA1

65a1d6b3edba7082661cfe789f63886a21ee331b
SHA256

dc414f5287bea40502f9f3e30b0af99aeed57b90a80faf6038340f7b2c69e0e7
SHA512

9f53c77e0e810e0e41e512db7e4d48cf27f12a69211d0636b5fa484a6d67af31e0936a783b3b6795376b0e3c0f77f40471769a730f640af85611e8765b27b10e
SSDEEP

1536:7eTLP1cmq1cvgNXJgqgrDgzxXf5csevtlGft11cK0kfWvJ8ojADJRlS1J699Km3:7ellRccrDgFv2S11Z0WiJ8NJRM1J69UY

Score

N/A

Malware Config

Signatures

Files

dc414f5287bea40502f9f3e30b0af99aeed57b90a80faf6038340f7b2c69e0e7
.dll windows x86

2593025228956fc0dbd72b1d8ca7499b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
lstrcatA
GlobalFree
GlobalAlloc
GlobalUnlock
InterlockedExchange
SetErrorMode
FreeConsole
GetProcAddress
CreateThread
MultiByteToWideChar
lstrcpyA
FreeLibrary
LocalFree
FindClose
lstrlenA
GetLastError
LocalAlloc
CancelIo
LoadLibraryA
PeekNamedPipe
RaiseException

gdi32

DeleteDC
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
CreateCompatibleBitmap
GetDIBits
DeleteObject

msvcrt

free
malloc
_except_handler3
strrchr
strcmp
strcpy
strcat
strncpy
atoi
strncmp
strchr
_errno
wcscpy
_snprintf
strncat
realloc
wcstombs
_beginthreadex
calloc
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
_strupr
_strnicmp
_CxxThrowException
??2@YAPAXI@Z
memset
__CxxFrameHandler
strstr
strlen
_ftol
ceil
memmove
memcpy
??3@YAXPAX@Z
memcmp
_strcmpi

ws2_32

socket
recv
select
closesocket
send
inet_ntoa
gethostbyname
htons
inet_addr
gethostname
ioctlsocket
__WSAFDIsSet
recvfrom
sendto
connect
listen
accept
getpeername
bind
getsockname
WSAStartup
WSACleanup
WSAIoctl
setsockopt
ntohs

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

netapi32

NetLocalGroupAddMembers
NetUserAdd

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

msvfw32

ICSeqCompressFrame
ICSeqCompressFrameStart
ICSendMessage
ICOpen
ICSeqCompressFrameEnd
ICCompressorFree
ICClose

psapi

EnumProcessModules
GetModuleFileNameExA
GetProcessMemoryInfo

Exports

Exports

Group
ServicesMain

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2593025228956fc0dbd72b1d8ca7499b

Headers

File Characteristics

Imports

kernel32

gdi32

msvcrt

ws2_32

msvcp60

netapi32

wininet

avicap32

msvfw32

psapi

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 5KB