c631f9d4789cc7e1d073af957466c68b44518db0b32392084044f310e072f9c2

Sharing

Copy URL Twitter E-mail

General

Target

c631f9d4789cc7e1d073af957466c68b44518db0b32392084044f310e072f9c2
Size

48KB
MD5

7eb9db39f4c67e08386d07b0e6260301
SHA1

a178a87c9cef9fd9099a17c37e4970230aa1df3a
SHA256

c631f9d4789cc7e1d073af957466c68b44518db0b32392084044f310e072f9c2
SHA512

21a03cc0a2d8ee216fc0cab99ee2b748e111e5554c0b07b01a7869876be9f1c9739d06585189708417f09d2446ca2b9ae0d0d46469973514dd018a852717a89d
SSDEEP

384:acf5lWdHmodEvsUK2ZYcR8b1KUEO/clC+8HBQvkmTBiulucr4Mq38+41mlhtCj:t50dHmXkCYXMOIC1hQvkWBThZW6Ul

Score

N/A

Malware Config

Signatures

Files

c631f9d4789cc7e1d073af957466c68b44518db0b32392084044f310e072f9c2
.dll windows x86

4b1588e15c1945139b49a7389fa8f3ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

ImageDirectoryEntryToData

kernel32

HeapSize
GetSystemTimeAsFileTime
SetThreadPriority
GetCurrentThread
DisableThreadLibraryCalls
GetProcAddress
VirtualQuery
WriteProcessMemory
GetCurrentProcess
VirtualProtect
lstrcmpiA
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
CloseHandle
Module32Next
Module32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GetModuleHandleA
GetSystemInfo
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStringTypeW
RtlUnwind
GetCommandLineA
GetVersionExA
HeapFree
InterlockedExchange
HeapAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetLocaleInfoA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA

user32

UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx

Exports

Exports

Hook
Unhook

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHAREDAT
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b1588e15c1945139b49a7389fa8f3ac

Headers

File Characteristics

Imports

imagehlp

kernel32

user32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 2KB

SHAREDAT Size: 4KB - Virtual size: 8B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 2KB

SHAREDAT
Size: 4KB - Virtual size: 8B

.reloc
Size: 4KB - Virtual size: 1KB