5a889b1c7139f1c549036b8bfe7a1fa40c2919de11b444c800b7ede0098aa8b9

Sharing

Copy URL Twitter E-mail

General

Target

5a889b1c7139f1c549036b8bfe7a1fa40c2919de11b444c800b7ede0098aa8b9
Size

5.4MB
MD5

0885e91681331125450649855735fe1e
SHA1

de44c55310a1baa3e62757d89f2770f7f9047674
SHA256

5a889b1c7139f1c549036b8bfe7a1fa40c2919de11b444c800b7ede0098aa8b9
SHA512

c6786cc45b37fef8e21deeaad17c9fcc9321c8560518bf89e3f3db4c22f3864ccae90bdff837e75c5cfafb7b08650c247608075384578704113d7a65c42f5fb5
SSDEEP

98304:xaxnSfbbC9fSUFGXbIXFxV6tiUr9qjf2paxOvt17ZuRD6R1yDngDw:xaxSf3gM01D6hYYaxOvt1X1mb

Score

1^/10

Malware Config

Signatures

Files

5a889b1c7139f1c549036b8bfe7a1fa40c2919de11b444c800b7ede0098aa8b9
.dll windows x86

69f5ed8875c6b628daaec8310e5c014f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetTimer
GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

advapi32

OpenProcessToken

ole32

CoInitialize

shell32

ShellExecuteA

oleaut32

VariantClear

ws2_32

getpeername

avicap32

capGetDriverDescriptionA

gdi32

DeleteDC

psapi

EnumProcessModules

wininet

InternetReadFile

wtsapi32

WTSSendMessageW

Exports

Exports

DoItYourSelf
DownCtrlAltDel
GetDllModuleControl
GetGameInfo
GetGameInfoEx
StartServer
WaitServer

Sections

.text
Size: - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VipShel
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1~0
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.1~1
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69f5ed8875c6b628daaec8310e5c014f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

oleaut32

ws2_32

avicap32

gdi32

psapi

wininet

wtsapi32

Exports

Exports

Sections

.text Size: - Virtual size: 144KB

.rdata Size: - Virtual size: 30KB

.data Size: - Virtual size: 17KB

.VipShel Size: 512B - Virtual size: 260B

.1~0 Size: - Virtual size: 3.2MB

.1~1 Size: 5.4MB - Virtual size: 5.4MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: - Virtual size: 144KB

.rdata
Size: - Virtual size: 30KB

.data
Size: - Virtual size: 17KB

.VipShel
Size: 512B - Virtual size: 260B

.1~0
Size: - Virtual size: 3.2MB

.1~1
Size: 5.4MB - Virtual size: 5.4MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB