972ecf94c0802723d42cbd55a9ef7b4624a188276721b482aef69bd51b49f26b

General

Target

972ecf94c0802723d42cbd55a9ef7b4624a188276721b482aef69bd51b49f26b
Size

13KB
MD5

54e501e7c8759206c6f51966263767d7
SHA1

f99318ea2b777b67f98aee15c86022319ab230a9
SHA256

972ecf94c0802723d42cbd55a9ef7b4624a188276721b482aef69bd51b49f26b
SHA512

cc0c5c6701472b8a1c0c1747e154103c404ba2462f1449fcd227951222b70cff75490e202439cad1181474261f49db411e6233b145d69bdcce7565df0f26133d
SSDEEP

192:gjXN9sQ6cTaFpICWaLNtMzuah7qzUq9PkvD5w/QC9ThwQ7:gjNiQ6hsRaLNtMaaYQq9gd+9TP7

Score

N/A

Malware Config

Signatures

Files

972ecf94c0802723d42cbd55a9ef7b4624a188276721b482aef69bd51b49f26b
.dll windows x86

6930fdf9d8846362796405ce58269961

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strncpy
memcpy
strlen
strcat
memmove

kernel32

HeapCreate
HeapDestroy
CreateProcessA
CloseHandle
SetCurrentDirectoryA
SetFileAttributesA
CreateFileA
WriteFile
GetCurrentProcess
GetSystemDirectoryA
Sleep
GetModuleHandleA
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
CreateThread
TlsAlloc
HeapAlloc
TlsSetValue
GetCurrentThreadId
GetTickCount
TlsGetValue
HeapFree
HeapSize
CreateDirectoryA
DeleteFileA
GetDriveTypeA
FindFirstFileA
FindClose
GetFileAttributesA
HeapReAlloc
WaitForMultipleObjects
GetCurrentThread
DuplicateHandle
CreateSemaphoreA
ReleaseSemaphore

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
DeleteService

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile
DeleteUrlCacheEntryA
HttpOpenRequestA
HttpSendRequestA
InternetConnectA

Sections

.code
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6930fdf9d8846362796405ce58269961

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

shell32

wininet

Sections

.code Size: 3KB - Virtual size: 2KB

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 512B - Virtual size: 6B

.data Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 544B

.code
Size: 3KB - Virtual size: 2KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 512B - Virtual size: 6B

.data
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 544B