fe5c425bb0b3a3169fde18c4059fd1460af986ca27880494d36fff97566bf210

Sharing

Copy URL Twitter E-mail

General

Target

fe5c425bb0b3a3169fde18c4059fd1460af986ca27880494d36fff97566bf210
Size

39KB
MD5

d871f81a1c022d1c6ddfd8f5a1eb9d8a
SHA1

3fb33c76026c74a0e1f04155aff6ce996d7e0c90
SHA256

fe5c425bb0b3a3169fde18c4059fd1460af986ca27880494d36fff97566bf210
SHA512

8d21e3fb865bcce43d58071444d8462d9871d4e8340674c79c471df7724736b0607fd0b9df120abc7b111e22dd2129d485247205ae3b1d1f0e02afa330599f88
SSDEEP

768:+rZKvkaIsagxcbvUbIwOeqaWmPCuZFZpWgdEYhG7yqphYZhAr/NGxy07N9:+lKv9f3/OeqaWmPCu6ooyqphOABT07N

Score

N/A

Malware Config

Signatures

Files

fe5c425bb0b3a3169fde18c4059fd1460af986ca27880494d36fff97566bf210
.dll windows x86

6365c4c11cdf44f02814482c74a323ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy
sprintf
floor
_ftol
_chkstk
strstr
wcscat
strchr
memset
NtQuerySystemInformation
wcscpy
atoi
isspace
_strnicmp

msvcrt

fclose
fgets
fopen
time
fputs
_adjust_fdiv
_initterm
free
malloc
_errno

ws2_32

connect
htons
inet_ntoa
gethostbyname
WSAStartup
inet_addr
select
getsockopt
__WSAFDIsSet
WSAGetLastError
shutdown
socket
bind
accept
getpeername
ntohs
setsockopt
closesocket

user32

wsprintfA

advapi32

CreateServiceA
InitializeSecurityDescriptor
GetTokenInformation
OpenSCManagerA
OpenServiceA
CloseServiceHandle
StartServiceA
DeleteService
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

wininet

InternetQueryDataAvailable
HttpQueryInfoA
InternetCloseHandle

kernel32

HeapFree
HeapReAlloc
VirtualFree
GetProcAddress
FreeLibrary
GetSystemDirectoryA
lstrcatA
QueryDosDeviceA
DeviceIoControl
GetVersion
CreateFileW
GetCurrentProcess
CloseHandle
VirtualAlloc
GetVersionExA
HeapAlloc
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
HeapValidate
ExitProcess
GetModuleFileNameA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
ReleaseMutex
CreateMutexA
CreateThread
lstrcpynA
lstrcmpiA
LoadLibraryA
Sleep
WriteFile
GetTickCount
GetModuleHandleA
WaitForSingleObject
DeleteFileA
GetFileAttributesA
lstrlenA
OpenProcess
lstrcpyA
SetLastError
GetLastError
LoadLibraryExA

Exports

Exports

FuckAlls
InjectToProcess__

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6365c4c11cdf44f02814482c74a323ae

Headers

File Characteristics

Imports

ntdll

msvcrt

ws2_32

user32

advapi32

wininet

kernel32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 6KB - Virtual size: 22KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 6KB - Virtual size: 22KB

.reloc
Size: 2KB - Virtual size: 2KB