fbf09335d8b14b6d86e4d5df13ee5aa786c333cded2d510b6082c50527fc57e6

Sharing

Copy URL Twitter E-mail

General

Target

fbf09335d8b14b6d86e4d5df13ee5aa786c333cded2d510b6082c50527fc57e6
Size

34KB
MD5

6c941fa6883bb2eb3295834b83a961e9
SHA1

9c7b05df29d6d0408d7af66364a334ccbbad5037
SHA256

fbf09335d8b14b6d86e4d5df13ee5aa786c333cded2d510b6082c50527fc57e6
SHA512

2313d341c53de727efe5b3560bbf7801724117b2d4448bcf7321a26ff647bf5c900a337b31f4252d8dab0d0f80983c37e403436f5ae7f78af158ae1a065bc9af
SSDEEP

768:bmWua6SXWYvDeDJFw5W6fcEhsISlaAM9KxGalRIZh:bmWXlXW4De65cEiZI9KQawh

Score

N/A

Malware Config

Signatures

Files

fbf09335d8b14b6d86e4d5df13ee5aa786c333cded2d510b6082c50527fc57e6
.dll windows x86

29de63ecaaa78cfba72e242ebccc3a37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord1247
ord1168
ord389
ord540
ord860
ord1228
ord3229
ord5204
ord5808
ord5356
ord2393
ord800
ord690
ord823
ord825

msvcrt

_adjust_fdiv
malloc
_initterm
free
??1type_info@@UAE@XZ
_except_handler3
qsort
_beginthread
memmove
_purecall
memcpy
__CxxFrameHandler
strstr
_strlwr
memset
strrchr
strftime
localtime
time

kernel32

CreateFileMappingA
GetLastError
UnmapViewOfFile
DisableThreadLibraryCalls
GetModuleFileNameA
GlobalReAlloc
SleepEx
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
VirtualProtect
SetFileAttributesA
lstrcmpiA
MapViewOfFile
GlobalHandle
FreeLibrary
GetLocalTime
WideCharToMultiByte
GetFileAttributesA
CreateDirectoryA
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
GetVersionExA
GetModuleHandleA
lstrcpynA
GetEnvironmentVariableA
CreateThread
lstrcpyA
GetFileSize
CloseHandle
WriteFile
SetFilePointer
CreateFileA
DeleteFileA
WinExec
CreateProcessA
GetTickCount
GetTempPathA
lstrlenA
WaitForSingleObject
lstrcmpA
lstrcatA
FindClose
FindNextFileA
CompareFileTime
FindFirstFileA
Sleep
FileTimeToSystemTime
GetDriveTypeA
GetLogicalDriveStringsA
GetComputerNameA
SetEndOfFile
ReadFile
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GetVolumeInformationA

user32

RegisterClassA
KillTimer
SetTimer
DispatchMessageA
CreateWindowExA
GetMessageA
ShowWindow
DefWindowProcA
PostMessageA
FindWindowA
GetWindowThreadProcessId
SetWindowsHookExA
PostThreadMessageA
SendMessageA
CallNextHookEx
UnhookWindowsHookEx
OemToCharBuffA
wsprintfA
TranslateMessage

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyA
GetUserNameA
RegSetValueA
RegSetValueExA

wsock32

gethostname
inet_addr
gethostbyname

wininet

InternetGetConnectedState

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29de63ecaaa78cfba72e242ebccc3a37

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

wsock32

wininet

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB