b2f6f820c09568b4250cdbe6bd75966d035f9bf0b9f7bda884f867c4d54f2c08

General

Target

b2f6f820c09568b4250cdbe6bd75966d035f9bf0b9f7bda884f867c4d54f2c08
Size

40KB
MD5

4c1cac73207c9190cc0db723c4b1388a
SHA1

79fc7b54c09bdb4529891e166cff2c526d0b3f3a
SHA256

b2f6f820c09568b4250cdbe6bd75966d035f9bf0b9f7bda884f867c4d54f2c08
SHA512

162a50c9668b4bfe201a4e9ed8e928393d5929e24f309c21f1488b61090b6cb89994ea9f8efd619922f3f8c63a957803262bb9a3abc83248a31882011a6e59ea
SSDEEP

768:pXmhvatn8GJo60B9xN67aOXZyNYAxb8QKzP:shvqS60B9x4BANYG8r

Score

N/A

Malware Config

Signatures

Files

b2f6f820c09568b4250cdbe6bd75966d035f9bf0b9f7bda884f867c4d54f2c08
.dll windows x86

6c19a22af62ffedf3048f59f4c10dcb7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
VirtualQuery
VirtualProtect
VirtualFree
WriteProcessMemory
VirtualProtectEx
VirtualQueryEx
ReadProcessMemory
VirtualAlloc
VirtualAllocEx
GetFileTime
GetFileAttributesW
GetModuleFileNameW
DeleteFileW
SetFileAttributesW
LoadLibraryA
Sleep
GetCurrentProcessId
ExitThread
CreateMutexW
OpenMutexW
CreateProcessW
GetCommandLineW
OpenProcess
CreateThread
GetProcessHeap
HeapAlloc
HeapFree
GetVersionExA
GetModuleHandleA
CreateDirectoryW
WriteFile
GetTempPathW
GetWindowsDirectoryW
GetSystemDirectoryW
SetFilePointer
ReadFile
SetFileTime
CreateFileW
GetFileSize
CloseHandle
QueryPerformanceCounter
GetComputerNameA
QueryPerformanceFrequency

user32

TranslateMessage

advapi32

GetUserNameA
RegOpenKeyW
RegDeleteKeyW
RegCreateKeyW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegEnumValueW

shell32

ShellExecuteW

ws2_32

WSACleanup
recvfrom
select
socket
WSAStartup
ntohs
gethostbyname
inet_ntoa
inet_addr
htons
sendto
__WSAFDIsSet

avicap32

capGetDriverDescriptionA

psapi

GetModuleInformation
EnumProcessModules
EnumProcesses
GetModuleBaseNameW

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 826B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c19a22af62ffedf3048f59f4c10dcb7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

avicap32

psapi

Sections

.text Size: 38KB - Virtual size: 38KB

.reloc Size: 1024B - Virtual size: 826B

.text
Size: 38KB - Virtual size: 38KB

.reloc
Size: 1024B - Virtual size: 826B