3930d603546bbea18445e112669ebd3527d42d572138cb548dbf260ed8fbf90e

Sharing

Copy URL Twitter E-mail

General

Target

3930d603546bbea18445e112669ebd3527d42d572138cb548dbf260ed8fbf90e
Size

879KB
MD5

8bda067bf94ac72955c2678d473e44b8
SHA1

50054f3c72fca64f176ff1bbfa65df51463736e2
SHA256

3930d603546bbea18445e112669ebd3527d42d572138cb548dbf260ed8fbf90e
SHA512

c8f1f243f92c5d25ac048daa630ff1f9e60fed68f425fd83bc89aa658787b039a60e4faabd54ec829476f01b1bb8c94ef3448f4ccbdae367de93977ceb984374
SSDEEP

24576:jQHufYTyUX2XuCZR/sRSTrcOyTVa7mY1NxfGnMuO4VBVFw1yv2:w2eCZR/3TY3R3Hn86VAy+

Score

1^/10

Malware Config

Signatures

Files

3930d603546bbea18445e112669ebd3527d42d572138cb548dbf260ed8fbf90e
.dll windows x86

895458cf0da26dadce313116102d85cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
Process32First
GetSystemInfo
GetTickCount
OpenProcess
Process32Next
CreateToolhelp32Snapshot
Module32First
Module32Next
GetLastError
GetCurrentProcess
GetModuleFileNameA
GetProcAddress
CreateThread
CloseHandle
VirtualFree
GetVersionExA
GetModuleHandleA
LoadLibraryA
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
OutputDebugStringA
SetLastError
DeviceIoControl
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
SetFileAttributesA
WriteProcessMemory
CreateEventA
GetCurrentThreadId
TerminateThread
CreateMutexA
WaitForSingleObject
ReleaseMutex
Sleep
CopyFileA
CreateFileA
GetSystemDirectoryA
ReadFile

user32

AttachThreadInput
GetGUIThreadInfo
MapVirtualKeyA
SwapMouseButton
ScreenToClient
WindowFromPoint
GetCursorPos
GetDoubleClickTime
GetAncestor
keybd_event
SetTimer
KillTimer
GetKeyboardState
GetKeyState
ToAscii
GetForegroundWindow
GetWindowThreadProcessId
GetFocus

ws2_32

htonl
ntohl
htons
ntohs

advapi32

CloseServiceHandle
OpenSCManagerA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
StartServiceA
CreateServiceA
ControlService
DeleteService
OpenServiceA

ole32

CoCreateGuid

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

msvcrt

memmove
__dllonexit
strstr
_getpid
free
malloc
strrchr
fopen
fseek
ftell
fread
fclose
_purecall
strncat
_except_handler3
strncpy
time
srand
rand
_getcwd
_itoa
_mbsnbcpy
_mbsnbcat
memset
memcpy
_EH_prolog
_stricmp
_memicmp
__CxxFrameHandler
_snprintf
_onexit
??2@YAPAXI@Z

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

ShellExecuteA

Exports

Exports

CreateObj

Sections

.text
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.txt$0
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt$1
Size: 505KB - Virtual size: 505KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

895458cf0da26dadce313116102d85cb

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

ole32

msvcp60

msvcrt

version

shell32

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 260KB

.rdata Size: 66KB - Virtual size: 66KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 944B

.txt$0 Size: 16KB - Virtual size: 15KB

.txt$1 Size: 505KB - Virtual size: 505KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 260KB - Virtual size: 260KB

.rdata
Size: 66KB - Virtual size: 66KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 944B

.txt$0
Size: 16KB - Virtual size: 15KB

.txt$1
Size: 505KB - Virtual size: 505KB

.reloc
Size: 8KB - Virtual size: 7KB