5c153372d0c074c0eb097a14f64d6168925ff3fdb75d18cb78c7400d048c000a

Sharing

Copy URL Twitter E-mail

General

Target

5c153372d0c074c0eb097a14f64d6168925ff3fdb75d18cb78c7400d048c000a
Size

219KB
MD5

00492a0420b5efbc823521901ffe2c49
SHA1

c384e0969b313b2ac43424f46bfcb24ab5ab5ec5
SHA256

5c153372d0c074c0eb097a14f64d6168925ff3fdb75d18cb78c7400d048c000a
SHA512

bd2cc05ee036cacec16d05e0b0a417476e0dc48a6828b9d17654a214ecddb5b74a78013aa6344cd3195be428a826f45cbe7a9ad665fb6447dbb427745800ddb0
SSDEEP

3072:TlUiqoVhWpIOUZ25TV671D5Jwn/oawJvlXGjxjBCKntT9UK43eDdVs0gPD/1llMJ:N3xQ655Jw/dSGxjYKBz+0g7ZMyc

Score

N/A

Malware Config

Signatures

Files

5c153372d0c074c0eb097a14f64d6168925ff3fdb75d18cb78c7400d048c000a
.dll windows x86

155e1d91ba867ffd86793ab2bb3bd449

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
OpenProcess
MultiByteToWideChar
Sleep
GetTempPathA
K32GetModuleFileNameExA
GetLastError
GetFileAttributesA
CreateFileA
FileTimeToSystemTime
LoadLibraryA
DeleteFileA
CloseHandle
HeapAlloc
GetProcAddress
VerSetConditionMask
GetProcessHeap
WinExec
VerifyVersionInfoW
SystemTimeToTzSpecificLocalTime
CreateProcessA
GetFileTime
GetComputerNameA
CreateMutexA
FindClose
FindNextFileA
HeapFree
FindFirstFileA
HeapSize
WriteConsoleW
FlushFileBuffers
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
GetConsoleCP
WriteFile
GetACP
GetFileType
GetStdHandle
ReadConsoleW
GetConsoleMode
GetLogicalDrives
GetModuleFileNameA
CreateDirectoryW
CreateFileW
GetFileAttributesExW
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
WideCharToMultiByte
FormatMessageW
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetStringTypeW
LCMapStringW
GetCPInfo
LocalFree
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RaiseException
RtlUnwind
FreeLibrary
LoadLibraryExW
InterlockedFlushSList
ExitProcess
GetModuleHandleExW
ReadFile
HeapReAlloc

advapi32

RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
GetUserNameA

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

VariantClear
SysAllocString
SysFreeString
VariantInit

ws2_32

send
socket
connect
WSACleanup
recv
htons
inet_addr
WSAStartup
WSASocketA
closesocket
WSAConnect

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

wtsapi32

WTSFreeMemory
WTSEnumerateProcessesA

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

155e1d91ba867ffd86793ab2bb3bd449

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

ws2_32

version

wtsapi32

iphlpapi

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 57KB - Virtual size: 56KB

.data Size: 3KB - Virtual size: 4.6MB

.gfids Size: 512B - Virtual size: 400B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 57KB - Virtual size: 56KB

.data
Size: 3KB - Virtual size: 4.6MB

.gfids
Size: 512B - Virtual size: 400B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 9KB - Virtual size: 9KB