8327181b19a8e050a6a5f3e95fcdcb4c957ea59836790cc5ed544ac078e473a6

General

Target

8327181b19a8e050a6a5f3e95fcdcb4c957ea59836790cc5ed544ac078e473a6
Size

57KB
MD5

57285d870d425804a90d777ddd6e9aff
SHA1

23fe0b9952f65bdc861a3912256afd4944473b67
SHA256

8327181b19a8e050a6a5f3e95fcdcb4c957ea59836790cc5ed544ac078e473a6
SHA512

8f288c6052e94b7d3e481ce624f7f93d9a3aa988a61b50fa9ec933d2a3c7aee8a7d53861758affd0ca1ffaa6b1d3f338484464f8775e9101631e51633de48035
SSDEEP

384:j3jK7VvBIAqHWqFcL3pqylnNlJMf/DOHFykc0hNCc+WwMASXa:jMBIAqDcrpqylnf+XiTNQJma

Score

N/A

Malware Config

Signatures

Files

8327181b19a8e050a6a5f3e95fcdcb4c957ea59836790cc5ed544ac078e473a6
.dll windows x86

51d2988145cc62c212df87616461b71d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
lstrcpyA
GetWindowsDirectoryA
GetProcAddress
LoadLibraryA
Sleep
CreateFileA
lstrcatA
ReadFile
GetModuleHandleA
LocalAlloc
CreateThread
IsBadReadPtr
GetModuleFileNameA
Module32First
Module32Next
lstrlenA
ReadProcessMemory
OpenProcess
VirtualProtectEx
VirtualProtect
WriteProcessMemory
lstrcmpA
CreateToolhelp32Snapshot
CloseHandle

user32

GetWindowTextA
GetForegroundWindow
wsprintfA

advapi32

CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext

shlwapi

StrStrIA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

strstr
_except_handler3
strrchr
_purecall
memcmp
isprint
strncat
strlen
strcat
_itoa
??2@YAPAXI@Z
memset
strcpy
memcpy
??3@YAXPAX@Z

Exports

Exports

yskeicocao
yskeicocaoDrawTextEx
yskeicocaoEditControl
yskeicocaoExtTextOut
yskeicocaoGetCharacterPlacement
yskeicocaoGetTextExtentExPoint
yskeicocaoPSMTextOut

Sections

.bss
Size: - Virtual size: 64.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shard
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

51d2988145cc62c212df87616461b71d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

wininet

msvcrt

Exports

Exports

Sections

.bss Size: - Virtual size: 64.1MB

.data Size: 30KB - Virtual size: 29KB

shard Size: 12KB - Virtual size: 11KB

.reloc Size: 14KB - Virtual size: 13KB

.bss
Size: - Virtual size: 64.1MB

.data
Size: 30KB - Virtual size: 29KB

shard
Size: 12KB - Virtual size: 11KB

.reloc
Size: 14KB - Virtual size: 13KB