f8e7686e71f47f22f9b20f7c4fa19f833bac189fd586fab80427d7b60eeedace

Sharing

Copy URL

Twitter E-mail

General

Target

f8e7686e71f47f22f9b20f7c4fa19f833bac189fd586fab80427d7b60eeedace
Size

37KB
MD5

63a2b7c801372de4e721fa5d089313e4
SHA1

d9a7ab0bf2a2fcbb20bf36c64c397e4bf5cb86b8
SHA256

f8e7686e71f47f22f9b20f7c4fa19f833bac189fd586fab80427d7b60eeedace
SHA512

222d1ce1416dbaadcf9e4963747dd6b6bc3cdad3eb6e3012c60df75252aa30b4690bd6f9ea91c96bce555d52159f40baa3d35920a9f765aa73de92293f703e6c
SSDEEP

768:HmfR/UF+ZLqRXxnXeklArwni9Nem3ovrQd0TmcQdLi0Ga/:sW+ZeRXxXdAre2em3+rtSjGa/

Score

N/A

Malware Config

Signatures

Files

f8e7686e71f47f22f9b20f7c4fa19f833bac189fd586fab80427d7b60eeedace
.dll windows x86

ced4353ea1d8afc0da7fd03bc52765f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LoadLibraryA
GetCurrentProcess
lstrcpynA
CreateToolhelp32Snapshot
GetCurrentProcessId
Module32FirstW
lstrcmpiW
Module32NextW
LocalAlloc
LocalFree
LoadLibraryW
WriteFile
GetTickCount
lstrlenW
MultiByteToWideChar
MoveFileW
DeleteFileW
GetProcAddress
MoveFileExW
FindFirstFileW
FindNextFileW
FindClose
GetUserGeoID
GetEnvironmentVariableA
GetVolumeInformationA
VirtualProtect
lstrcmpW
IsBadReadPtr
ReadFile
SetFilePointer
Process32FirstW
Process32NextW
GetVersionExA
GetModuleFileNameW
lstrcpynW
SetFileAttributesW
OpenProcess
DuplicateHandle
GetModuleHandleW
GetLastError
GetFileSize
OpenThread
Thread32First
Thread32Next
Process32First
lstrcmpiA
Process32Next
CreateFileMappingA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualQuery
RtlUnwind
IsProcessorFeaturePresent
SetEvent
ExitProcess
TerminateProcess
GetSystemDirectoryW
VirtualFree
CreateFileW
CreateDirectoryW
lstrcatW
lstrcpyW
GetLongPathNameW
GetTempPathW
ExpandEnvironmentStringsW
GetModuleHandleA
Sleep
WaitForSingleObject
CloseHandle
lstrlenA
lstrcpyA
VirtualAlloc
CreateEventA
IsBadWritePtr
CreateThread
IsDebuggerPresent

user32

SendMessageA
FindWindowA
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassA
LoadCursorA
MessageBoxA
wsprintfA
DefWindowProcA
PostMessageA
PtInRect
BeginPaint
GetClientRect
InflateRect
FillRect
FrameRect
EndPaint
ScreenToClient
wsprintfW
PostQuitMessage

gdi32

CreateSolidBrush
DeleteObject
LineTo
MoveToEx
CreatePen
SelectObject
GetStockObject

advapi32

RegCloseKey
CloseServiceHandle
QueryServiceStatusEx
StartServiceW
OpenServiceW
OpenSCManagerW
RegQueryValueExA
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegOpenKeyExA

ole32

CoCreateGuid
StringFromGUID2

ws2_32

send
recv
connect
closesocket
inet_addr
htons
socket
WSACleanup
gethostbyname
WSAStartup

psapi

GetModuleBaseNameW
GetModuleFileNameExW

iphlpapi

GetTcpStatistics

Exports

Exports

Init

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ced4353ea1d8afc0da7fd03bc52765f0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

ws2_32

psapi

iphlpapi

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 2KB