abade14b4217fde8ff0c44f5d9bdbfe27ba6bc5ee625d2ac1b564e94fe81dc8b

Sharing

Copy URL Twitter E-mail

General

Target

abade14b4217fde8ff0c44f5d9bdbfe27ba6bc5ee625d2ac1b564e94fe81dc8b
Size

160KB
MD5

0b8a9b0db9a0c93401883cd9de176a64
SHA1

7ffa6e8aa916fe36780a217790b5ad9585b245ce
SHA256

abade14b4217fde8ff0c44f5d9bdbfe27ba6bc5ee625d2ac1b564e94fe81dc8b
SHA512

cd481a57e21ddc16a4119b67cb9fd637b9d13b9be6907c9709cffd289ecce5a77ec5b97d0525afda03ab042effe82f75b77a0e04e0d19415a95be50d30f737ad
SSDEEP

3072:Hc11fNEYBlHSA8+jD79ZXpjh6dzr+xIJeoE6ql1wtQ:8nfNPHwxr+oeRr

Score

N/A

Malware Config

Signatures

Files

abade14b4217fde8ff0c44f5d9bdbfe27ba6bc5ee625d2ac1b564e94fe81dc8b
.dll windows x86

cec2f3b54f0801fe4ce99970953acb9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

recv
WSAGetLastError
gethostbyname
send
sendto
__WSAFDIsSet
select
gethostname
closesocket
WSAStartup
WSACleanup
connect
socket
ntohs
htons
setsockopt
inet_ntoa
recvfrom
inet_addr

python24

PyObject_GetAttrString
PyImport_ExecCodeModule
PyMarshal_ReadObjectFromString
Py_IsInitialized
PyObject_CallFunction
PyRun_SimpleString
Py_Initialize
Py_Finalize
PyString_AsStringAndSize

kernel32

SetEndOfFile
ReadFile
GetStringTypeW
GetStringTypeA
SetStdHandle
SetFilePointer
GetConsoleOutputCP
WriteConsoleA
HeapReAlloc
InitializeCriticalSection
GetLocaleInfoA
VirtualQuery
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
CreateThread
CloseHandle
WaitForSingleObject
GetLocalTime
GetVersion
SetUnhandledExceptionFilter
Sleep
DeviceIoControl
CreateFileA
Module32Next
Module32First
CreateToolhelp32Snapshot
GetModuleHandleA
GetCurrentProcessId
GetProcAddress
VirtualAlloc
ExitProcess
GetCommandLineA
GetTickCount
GetCurrentThreadId
HeapFree
HeapAlloc
GetProcessHeap
GetVersionExA
LoadLibraryA
HeapSize
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
SetHandleCount
DeleteCriticalSection
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
LCMapStringA
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
RtlUnwind
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
RaiseException
WriteFile
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement

user32

GetWindowThreadProcessId
SetWindowsHookExA
CallNextHookEx
SendMessageA
UnhookWindowsHookEx
FindWindowA

netapi32

Netbios

iphlpapi

GetAdaptersInfo

Exports

Exports

CalcKey
DecryptAccountInfo
DecryptGuid
DiffieEncrypt
EncryptGuid
GetIdentify
GetKeySeed
GetRobotDigestsFromStream
GetTroyDigestsFromStream
GetValidate
ProtectInit
ProtectStart
ProtectStop
StopLibrary
TextDecode
ValidateProcessModulesInDll

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cec2f3b54f0801fe4ce99970953acb9a

Headers

File Characteristics

Imports

ws2_32

python24

kernel32

user32

netapi32

iphlpapi

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 102KB

shared Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 102KB

shared
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 12KB - Virtual size: 9KB