35d747c8b27dd5f0ab6f87245e0817f84f9c976899d0c432aab4e489605ba496

Sharing

Copy URL

Twitter E-mail

General

Target

35d747c8b27dd5f0ab6f87245e0817f84f9c976899d0c432aab4e489605ba496
Size

72KB
MD5

6e07adf8cca4becf14fc4a78d5f48a8d
SHA1

328c0fe234621a00a16fa82912e8810fef1e3e9a
SHA256

35d747c8b27dd5f0ab6f87245e0817f84f9c976899d0c432aab4e489605ba496
SHA512

f697d4a8177c3eca12ca0a698d10be68faae94d8b74013deab1f594158a46e6acd09f3fc017a807732a5eeddcadeb8366bb781cb0f93308db284ff9abb7d50c5
SSDEEP

1536:YKfqyQsun9nFHDb3WVjylCtBP3BHFSGpjTUpvYBkJD:YK8sq9nl4fFIiUCBkJD

Score

N/A

Malware Config

Signatures

Files

35d747c8b27dd5f0ab6f87245e0817f84f9c976899d0c432aab4e489605ba496
.dll windows x86

1c399989468558f78a3b2367b255c01e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
GetModuleFileNameA
CreateThread
HeapSize
SetEndOfFile
LCMapStringW
LCMapStringA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetSystemInfo
VirtualProtect
LoadLibraryA
InitializeCriticalSection
CreateFileA
HeapReAlloc
VirtualAlloc
FlushFileBuffers
SetStdHandle
InterlockedExchange
GetOEMCP
GetACP
RtlUnwind
Sleep
GetSystemDirectoryA
lstrcatA
GetLocaleInfoA
GetCPInfo
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
UnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
WriteFile
HeapFree
CloseHandle
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
ReadFile
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte

user32

WindowFromPoint
GetCursorPos
GetClassNameA
GetDlgItem
GetAsyncKeyState
GetWindowTextA
SetWindowLongA
CallWindowProcA
ToAscii
GetKeyState
GetKeyboardState
wsprintfA
GetClientRect
GetForegroundWindow
GetDesktopWindow
GetWindowDC
ClientToScreen
ReleaseDC
SetWindowsHookExA
SetCursorPos
UnhookWindowsHookEx
GetWindowLongA
CallNextHookEx
GetWindowThreadProcessId

gdi32

GetPixel

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA

shell32

ShellExecuteA

ws2_32

gethostbyname
WSAStartup
inet_ntoa
gethostname
recv
send
WSACleanup
closesocket
connect
inet_addr
htons
socket

urlmon

URLDownloadToFileA

Exports

Exports

insthook

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shared
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c399989468558f78a3b2367b255c01e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ws2_32

urlmon

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 73KB

shared Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 73KB

shared
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 4KB