edb0da54c260eeeefd7cef552e94a9060d2b646cad46ee89597329c97396b6e8

Sharing

Copy URL Twitter E-mail

General

Target

edb0da54c260eeeefd7cef552e94a9060d2b646cad46ee89597329c97396b6e8
Size

64KB
MD5

4781f7026fe8c9c853378fa5bfc654e1
SHA1

6434d9454777848bf1a004372ab17962ef094ccf
SHA256

edb0da54c260eeeefd7cef552e94a9060d2b646cad46ee89597329c97396b6e8
SHA512

ad2dea661088a9b6ef94920c6cc3cb55ed6cfa6c1499e0b04103a545658a6d47096271c57fff8c15694f699e76378805d2a4b5cd7ae06a4cefcc53aafe4b827f
SSDEEP

1536:o7oOnAv4in13h5O34GQlMjroAwJmyI0l+PoDK84:ocFF9ZcYUoDK8

Score

N/A

Malware Config

Signatures

Files

edb0da54c260eeeefd7cef552e94a9060d2b646cad46ee89597329c97396b6e8
.dll windows x86

4abc3949a5334539fe76ee10f31b7eb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getpeername
getservbyport
ntohs
gethostbyaddr
htons
getservbyname
htonl
inet_ntoa
gethostbyname
WSAGetLastError
inet_addr

shlwapi

PathFindFileNameA
SHGetValueA
StrTrimA
StrCmpNA
StrStrIA
SHQueryInfoKeyA

wininet

HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCloseHandle

kernel32

VirtualProtect
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetStdHandle
GetLocaleInfoA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
VirtualQuery
GetSystemInfo
WriteProcessMemory
GetCurrentProcess
lstrcatA
Sleep
lstrcpyA
lstrcmpiA
GetModuleFileNameA
CreateThread
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CloseHandle
lstrcmpA
ReadFile
SetFilePointer
CreateFileA
InterlockedExchange
InitializeCriticalSection
HeapSize
lstrlenA
GetLastError
RtlUnwind
HeapAlloc
HeapFree
GetCurrentThreadId
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
WriteFile
FlushFileBuffers
ExitProcess
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo

user32

wsprintfA

advapi32

RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

Exports

Exports

ImportFunction

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4abc3949a5334539fe76ee10f31b7eb2

Headers

File Characteristics

Imports

ws2_32

shlwapi

wininet

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 14KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 14KB

.reloc
Size: 8KB - Virtual size: 4KB