b1d6e99847a50253183a12a67fb9385c8a45015788636b9419d008938f17fdb5

Sharing

Copy URL Twitter E-mail

General

Target

b1d6e99847a50253183a12a67fb9385c8a45015788636b9419d008938f17fdb5
Size

37KB
MD5

462f5e44e03eece751fb1301050e584d
SHA1

a03393cd8f1c3b99fa8b5c3fade44c92436e3e0e
SHA256

b1d6e99847a50253183a12a67fb9385c8a45015788636b9419d008938f17fdb5
SHA512

e30785979ebc767fe10a8098fff8b289ba48a0f60ad0068e45fbebef737f589ab8229632d9f0d0af0424a5f071c276cf002fab86e00bcba0789c4784dc39d090
SSDEEP

768:lA0XPeh9qPd8EGXsa7fMvaCGAU6KD0PFk:lA0XPdd8s7LtU12Fk

Score

N/A

Malware Config

Signatures

Files

b1d6e99847a50253183a12a67fb9385c8a45015788636b9419d008938f17fdb5
.dll windows x86

9c1aca707c5d262c3ceee2820114a72c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibraryAndExitThread
SetThreadPriority
GetCurrentThread
ReleaseMutex
FreeLibrary
GetCurrentProcessId
SetEvent
CreateMutexA
SleepEx
CreateThread
GetModuleFileNameA
DisableThreadLibraryCalls
InitializeSListHead
InterlockedPushEntrySList
InterlockedPopEntrySList
InterlockedCompareExchange
VirtualFree
VirtualProtect
VirtualAlloc
WaitForSingleObject
DeviceIoControl
WaitForMultipleObjects
FlushFileBuffers
WriteFile
GetSystemDirectoryA
Process32Next
Process32First
CreateToolhelp32Snapshot
Module32Next
Module32First
VirtualQuery
GetSystemInfo
GetProcAddress
GetCommandLineA
InterlockedExchange
GetPrivateProfileStringA
GetShortPathNameA
ResetEvent
LoadLibraryA
CreateEventA
GetLastError
GetTempPathA
GetTempFileNameA
Sleep
CreateProcessA
CreateFileMappingA
DeleteFileA
OpenEventA
GetModuleHandleA
GetCurrentProcess
MapViewOfFile
UnmapViewOfFile
CloseHandle
CreateFileA

user32

GetWindowThreadProcessId
GetClassNameA
GetWindowTextA
MapVirtualKeyA
ToAscii
GetKeyState
UnhookWindowsHookEx
SetWindowsHookExA
EnumDesktopWindows
CallNextHookEx

advapi32

StartServiceA
DeleteService
CloseServiceHandle
RegOpenKeyA
RegEnumValueA
RegCloseKey
OpenServiceA
OpenSCManagerA
CreateServiceA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
ControlService

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

wininet

InternetReadFile
InternetCloseHandle
DeleteUrlCacheEntry
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCrackUrlA
HttpAddRequestHeadersA

urlmon

URLDownloadToFileA

ws2_32

setsockopt
WSACleanup
closesocket

msvcrt

memmove
_mbsinc
memcmp
_ismbcspace
__dllonexit
_onexit
_initterm
_adjust_fdiv
abs
fclose
_mbsnbicmp
malloc
free
strcpy
_mbsstr
printf
_mbscmp
time
_mbsupr
_ismbcprint
_snprintf
memset
_mbsrchr
_local_unwind2
_except_handler3
__CxxFrameHandler
memcpy
??2@YAPAXI@Z
_mbsicmp
_memicmp
strcat
_mbsnbcpy
atoi
_mbstok
strlen
fgets
fopen
sprintf

psapi

GetModuleInformation

Exports

Exports

_DllMain@12

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c1aca707c5d262c3ceee2820114a72c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcp60

wininet

urlmon

ws2_32

msvcrt

psapi

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 34KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 34KB - Virtual size: 34KB

.reloc
Size: 2KB - Virtual size: 1KB