d87522806257ed9770f0e15dfc2296059c9b366b64e6add4ae17e0d6c34f2faf

General

Target

d87522806257ed9770f0e15dfc2296059c9b366b64e6add4ae17e0d6c34f2faf
Size

8KB
MD5

2cbc7ca792c55dad218793fc727b38c6
SHA1

e0aa088ae271969c1653659b80417ffb4baadd14
SHA256

d87522806257ed9770f0e15dfc2296059c9b366b64e6add4ae17e0d6c34f2faf
SHA512

5a4a5d402497f17bd33e04f8d33e63ec975aa6468ec00215c214259d8d6fe90ef7b109cae554756f1b1d1b5277d281c3b5d01ba7df6339fa3158dbbc4c59d157
SSDEEP

192:S/SCDBXehic4zayMxiaDZtMis71wGw6d:i7DuAkxiKtTs71wGb

Score

N/A

Malware Config

Signatures

Files

d87522806257ed9770f0e15dfc2296059c9b366b64e6add4ae17e0d6c34f2faf
.dll windows x86

197ac9a5b7ae4abadb8e282e88afc7ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
WriteFile
GetVolumeInformationA
CreateProcessA
GetSystemDirectoryA
lstrcatA
GetLastError
WaitForMultipleObjects
CloseHandle
GetTempPathA
DeleteFileA
CreateThread
GetEnvironmentVariableW
SetFilePointer
MoveFileExW
GetCurrentProcess
OpenProcess
LoadLibraryW
lstrlenA
CopyFileW
ReadProcessMemory
ReadFile
GetModuleFileNameW
CreateFileW
lstrlenW
QueueUserAPC
DisableThreadLibraryCalls
OpenMutexA
SetCurrentDirectoryW
lstrcatW
DuplicateHandle
GetWindowsDirectoryW
DeleteFileW
ExitThread
CreateMutexA
ReleaseMutex
CreateFileA
lstrcmpiW
VirtualAlloc
Sleep
VirtualFree

advapi32

RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

ntdll

memset
strtoul
strncpy
wcsstr
_wcsupr
atoi
strchr
strcpy
strstr
_itoa
_strnicmp
sprintf
RtlAdjustPrivilege
NtQueryInformationThread
NtQuerySystemInformation
_chkstk

ws2_32

connect
htons
setsockopt
recv
socket
closesocket
gethostbyname
send
WSAStartup

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 462B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

197ac9a5b7ae4abadb8e282e88afc7ba

Headers

File Characteristics

Imports

kernel32

advapi32

ntdll

ws2_32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 169B

.reloc Size: 512B - Virtual size: 462B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 169B

.reloc
Size: 512B - Virtual size: 462B