916d9aefa7422ecfa562e827ac716179fe5edaddc20c3a1ba7718e6691cf0ea1

Sharing

Copy URL Twitter E-mail

General

Target

916d9aefa7422ecfa562e827ac716179fe5edaddc20c3a1ba7718e6691cf0ea1
Size

28KB
MD5

4f2ef68bc5a9754536645f53a88deb13
SHA1

4e5c562b2e4318fea09b171794f668fc495aedb3
SHA256

916d9aefa7422ecfa562e827ac716179fe5edaddc20c3a1ba7718e6691cf0ea1
SHA512

5d735d7d98af1dd3c6a8fa0fb0a4bc01a973d792ca9c8e1d49ff91d520112a48e9fcd65f491d9a6967ce29f9edc885203b2a8b6090def54473c31e4e14f30139
SSDEEP

384:nnm6wOADk6/be1cLKmm3bbxrQgMIs1qFyQCXcdcIOGWCz4ylLPl9eODQZXp8n:m6B6C1sGLbWTIM4CXcdfHz4Dg2XpC

Score

N/A

Malware Config

Signatures

Files

916d9aefa7422ecfa562e827ac716179fe5edaddc20c3a1ba7718e6691cf0ea1
.dll windows x86

313395f50074848d4d5fbf4bc963ed0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalUnlock
WriteFile
GlobalLock
GlobalAlloc
GetTempPathA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetPrivateProfileStringA
CreateThread
lstrcatA
DeleteFileA
GetSystemTime
WritePrivateProfileStringA
GetModuleFileNameA
GetModuleHandleA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
LoadLibraryA
GetProcAddress
CreateFileA
ReadFile
GetFileSize
CloseHandle
GetTickCount
lstrcmpiA
lstrcpynA
lstrlenA
lstrcmpA
lstrcpyA
Sleep
ExitProcess
CopyFileA
GetSystemDirectoryA
FreeLibrary
QueryDosDeviceA
IsBadReadPtr
OutputDebugStringA

user32

PostThreadMessageA
UnhookWindowsHookEx
SetWindowsHookExA
ReleaseDC
GetDC
IsRectEmpty
GetWindowThreadProcessId
FindWindowExA
FindWindowA
PrintWindow
GetWindowInfo
SetForegroundWindow
ShowWindow
GetActiveWindow
IsIconic
GetWindowTextA
GetSystemMetrics
EnumWindows
CallNextHookEx

gdi32

GetDIBits
SelectPalette
GetStockObject
GetObjectA
DeleteDC
GetDeviceCaps
CreateDCA
DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
RealizePalette

advapi32

ControlService
OpenServiceA
CloseServiceHandle
DeleteService
OpenSCManagerA

wininet

InternetCloseHandle
HttpOpenRequestA
InternetQueryDataAvailable
InternetConnectA
HttpAddRequestHeadersA
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
InternetReadFile
HttpSendRequestA
InternetOpenA

ws2_32

gethostbyname
inet_ntoa

msvcrt

free
malloc
atoi
wcscmp
strstr
memmove
??2@YAPAXI@Z
??3@YAXPAX@Z

gdiplus

GdiplusStartup
GdipFree
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipLoadImageFromFile
GdiplusShutdown
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSaveImageToFile

netapi32

Netbios

Exports

Exports

InstallService
wdof
wdon

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

313395f50074848d4d5fbf4bc963ed0c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

ws2_32

msvcrt

gdiplus

netapi32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 20KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 20KB

.reloc
Size: 3KB - Virtual size: 2KB