392fb04b01f62293ee6d303c1ff01ffeebf741382e1d3afda981937a9f5ddfde

Sharing

Copy URL Twitter E-mail

General

Target

392fb04b01f62293ee6d303c1ff01ffeebf741382e1d3afda981937a9f5ddfde
Size

879KB
MD5

5a4c534b793b1f58122d1e3a59652957
SHA1

22b473ceb743e28d5b244b027380014efc946c26
SHA256

392fb04b01f62293ee6d303c1ff01ffeebf741382e1d3afda981937a9f5ddfde
SHA512

92872d00f1cb3b7a41f3555b4ea5d3ffa6b6870877ad67bb783ca192f039fe4eee814c43da627c8b85cb64458931506379ca551729d9da850ea5f202f8f08179
SSDEEP

24576:jQHufYTyUX2XuCZR/sRSTrcOyTVa7mY1NxfGnMuO4VBVFw1yvD:w2eCZR/3TY3R3Hn86VAyr

Score

N/A

Malware Config

Signatures

Files

392fb04b01f62293ee6d303c1ff01ffeebf741382e1d3afda981937a9f5ddfde
.dll windows x86

895458cf0da26dadce313116102d85cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
Process32First
GetSystemInfo
GetTickCount
OpenProcess
Process32Next
CreateToolhelp32Snapshot
Module32First
Module32Next
GetLastError
GetCurrentProcess
GetModuleFileNameA
GetProcAddress
CreateThread
CloseHandle
VirtualFree
GetVersionExA
GetModuleHandleA
LoadLibraryA
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
OutputDebugStringA
SetLastError
DeviceIoControl
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
SetFileAttributesA
WriteProcessMemory
CreateEventA
GetCurrentThreadId
TerminateThread
CreateMutexA
WaitForSingleObject
ReleaseMutex
Sleep
CopyFileA
CreateFileA
GetSystemDirectoryA
ReadFile

user32

AttachThreadInput
GetGUIThreadInfo
MapVirtualKeyA
SwapMouseButton
ScreenToClient
WindowFromPoint
GetCursorPos
GetDoubleClickTime
GetAncestor
keybd_event
SetTimer
KillTimer
GetKeyboardState
GetKeyState
ToAscii
GetForegroundWindow
GetWindowThreadProcessId
GetFocus

ws2_32

htonl
ntohl
htons
ntohs

advapi32

CloseServiceHandle
OpenSCManagerA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
StartServiceA
CreateServiceA
ControlService
DeleteService
OpenServiceA

ole32

CoCreateGuid

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

msvcrt

memmove
__dllonexit
strstr
_getpid
free
malloc
strrchr
fopen
fseek
ftell
fread
fclose
_purecall
strncat
_except_handler3
strncpy
time
srand
rand
_getcwd
_itoa
_mbsnbcpy
_mbsnbcat
memset
memcpy
_EH_prolog
_stricmp
_memicmp
__CxxFrameHandler
_snprintf
_onexit
??2@YAPAXI@Z

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

ShellExecuteA

Exports

Exports

CreateObj

Sections

.text
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.txt$0
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt$1
Size: 505KB - Virtual size: 505KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

895458cf0da26dadce313116102d85cb

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

ole32

msvcp60

msvcrt

version

shell32

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 260KB

.rdata Size: 66KB - Virtual size: 66KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 944B

.txt$0 Size: 16KB - Virtual size: 15KB

.txt$1 Size: 505KB - Virtual size: 505KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 260KB - Virtual size: 260KB

.rdata
Size: 66KB - Virtual size: 66KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 944B

.txt$0
Size: 16KB - Virtual size: 15KB

.txt$1
Size: 505KB - Virtual size: 505KB

.reloc
Size: 8KB - Virtual size: 7KB