1c3accad9ffa066a378c5308400e0edbb6efb0925504a6d5ab2b8e6f06e1bc37

Sharing

Copy URL Twitter E-mail

General

Target

1c3accad9ffa066a378c5308400e0edbb6efb0925504a6d5ab2b8e6f06e1bc37
Size

92KB
MD5

69c0725c4efd85a62fa89a0b61400fe2
SHA1

b80f1551a3f874f2d3441a26b7f78a70f6d840b4
SHA256

1c3accad9ffa066a378c5308400e0edbb6efb0925504a6d5ab2b8e6f06e1bc37
SHA512

2dbc5aca4aba6747176bbea68caba89ea6940016fc1fb60d27fb42e6c5e13c2ae87915cd267f6de7e88afb2a9cf9dc30e66191076d8c543db15d4f4b4a3963ce
SSDEEP

1536:aVB8Y2mhYYOSqTM7W1QIIYlo0tDTz2P4+:aV2YJhBFWbIYlo0Vz2P4

Score

N/A

Malware Config

Signatures

Files

1c3accad9ffa066a378c5308400e0edbb6efb0925504a6d5ab2b8e6f06e1bc37
.dll windows x86

8e6f464245dc5aa9a7957d2d086f59f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetVersionExA
GetModuleHandleA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
WriteFile
GetCurrentProcess
GetLocalTime
TerminateProcess
LocalAlloc
LocalFree
OpenFileMappingA
OpenMutexA
CreateEventA
OpenEventA
SetEvent
GetCurrentThread
CreateThread
Sleep
WideCharToMultiByte
InterlockedExchange
WaitForSingleObject
ReleaseMutex
CloseHandle
GetCurrentProcessId
GetModuleFileNameA
CreateMutexA
GetLastError
InterlockedCompareExchange
DisableThreadLibraryCalls
GetProcAddress
MultiByteToWideChar
FreeLibrary
LoadLibraryA
VirtualQuery
GetCurrentThreadId
VirtualProtect
ResumeThread
FlushInstructionCache
GetThreadContext
SetThreadContext
SuspendThread
VirtualAlloc
SetLastError
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
ExitProcess
HeapReAlloc
HeapSize
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers

user32

SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx

advapi32

InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorDacl
GetUserNameA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ws2_32

inet_addr
inet_ntoa

Exports

Exports

EnumAdapterInfo
EnumRegAdapterInfo
FreeAdapterInfo
FreeRegAdapterInfo
InstallHook
SetIpBindRule
SetKsIPCallBack
SetKsIPCallBackEx
SetLocalIP
StartIpBind
StopIpBind
UnInstallHook

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARDAT
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e6f464245dc5aa9a7957d2d086f59f5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 20KB

.SHARDAT Size: 4KB - Virtual size: 12B

.rsrc Size: 4KB - Virtual size: 960B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 20KB

.SHARDAT
Size: 4KB - Virtual size: 12B

.rsrc
Size: 4KB - Virtual size: 960B

.reloc
Size: 8KB - Virtual size: 7KB