85f60fcee3967d826b31c3d6043a000ad2249290e496effe970e971b8f12f218

Sharing

Copy URL

Twitter E-mail

General

Target

85f60fcee3967d826b31c3d6043a000ad2249290e496effe970e971b8f12f218
Size

220KB
MD5

e81825e225234d2e3170926e4b03361e
SHA1

1da17bf0ee9a2810763bfb56c94840de6491564f
SHA256

85f60fcee3967d826b31c3d6043a000ad2249290e496effe970e971b8f12f218
SHA512

61114d2fadc31e35a4b35a63f7ead078ef60104d0ec7cd09b577800ba3ad88895d491764c35eb6896e5182d691b463c688bd52e5d8420be38d06a8a5c779ec15
SSDEEP

3072:m889XCbZgLwk/CUrFonADQ/zvvfRzgK0ImqEaPFsYyL8RLkAWzVMiUTVZwp5:189OZgLwk/5ZOADQ/z5zPmIGLdOM5

Score

N/A

Malware Config

Signatures

Files

85f60fcee3967d826b31c3d6043a000ad2249290e496effe970e971b8f12f218
.dll windows x86

5f65d5c7362d53eecff709f8dbfc69e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
WideCharToMultiByte
MoveFileA
TerminateProcess
TerminateThread
DeleteFileA
ExitProcess
CreateFileA
WriteFile
OutputDebugStringA
Sleep
VirtualAlloc
ExpandEnvironmentStringsA
lstrcpynA
GetModuleFileNameA
GetEnvironmentVariableA
CreateProcessW
CreateNamedPipeA
VirtualFree
CreateProcessA
WaitForSingleObject
HeapFree
GetProcessHeap
HeapAlloc
GetComputerNameA
CreateThread
ConnectNamedPipe
DisconnectNamedPipe
CreateMutexA
GetLocalTime
GetTempPathA
MultiByteToWideChar
CreatePipe
GetLastError
DecodePointer
SetEndOfFile
HeapReAlloc
HeapSize
WriteConsoleW
SetFilePointerEx
FlushFileBuffers
CreateFileW
SetStdHandle
GetCommandLineW
GetCommandLineA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
GetConsoleCP
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RaiseException
GetModuleFileNameW
InterlockedFlushSList
SetLastError
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetModuleHandleExW
GetACP
GetStdHandle
GetFileType
GetConsoleMode
ReadConsoleW
LCMapStringW
lstrlenA

advapi32

SystemFunction036
GetUserNameA

shell32

ShellExecuteA

ws2_32

inet_ntoa
gethostbyname
gethostname
WSACleanup
recv
send
connect
socket
htons
inet_addr
getaddrinfo
WSAStartup
ntohl
closesocket

wininet

InternetCrackUrlA

Exports

Exports

_DllMessages@0

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f65d5c7362d53eecff709f8dbfc69e2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

wininet

Exports

Exports

Sections

.text Size: 143KB - Virtual size: 142KB

.rdata Size: 37KB - Virtual size: 36KB

.data Size: 2KB - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 143KB - Virtual size: 142KB

.rdata
Size: 37KB - Virtual size: 36KB

.data
Size: 2KB - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 6KB - Virtual size: 6KB