25f5b5f664910f803b3ca2e3be5b3607dac4e0df024fb5ea7f447d7d4d76c19b

Sharing

Copy URL Twitter E-mail

General

Target

25f5b5f664910f803b3ca2e3be5b3607dac4e0df024fb5ea7f447d7d4d76c19b
Size

113KB
MD5

4e79f897293bc04c059f43b878ffbe80
SHA1

4a9d07b0102804e431b2b4170dc5f63974a030c5
SHA256

25f5b5f664910f803b3ca2e3be5b3607dac4e0df024fb5ea7f447d7d4d76c19b
SHA512

357b9b1f5c8bcc8b1ee3723c9e434b00fad0c70b4e04b3bfc832ffb5cf794ed0af66835b98a7e09d9c37b9ab01f4ce4cc14537b3e879d9970d2505bf6ecc6549
SSDEEP

1536:ZMe42TGuxfiZ0FqdbXCXg5XWZcDHBj8AEZO7dKnvZZFxwwv45wcwINLO4gQGCHUd:ZFFXQ5GGZ8AEZjZZf0fwMJLs9

Score

N/A

Malware Config

Signatures

Files

25f5b5f664910f803b3ca2e3be5b3607dac4e0df024fb5ea7f447d7d4d76c19b
.dll windows x86

caa03f8dbe56a2dc166f7ef3c70c8b40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

minhook.x86

MH_Uninitialize
MH_EnableHook
MH_CreateHook
MH_Initialize
MH_DisableHook

kernel32

GetEnvironmentStrings
FlushFileBuffers
CloseHandle
CreateFileA
GetLastError
OutputDebugStringW
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA

user32

UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx

ole32

CoCreateInstance
CoUninitialize

oleaut32

SysAllocString

Exports

Exports

StartHook
StopHook

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sharedda
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

caa03f8dbe56a2dc166f7ef3c70c8b40

Headers

File Characteristics

Imports

minhook.x86

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 37KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 10KB

sharedda Size: 512B - Virtual size: 8B

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 4KB - Virtual size: 3KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 10KB

sharedda
Size: 512B - Virtual size: 8B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 4KB - Virtual size: 3KB

.rmnet
Size: 56KB - Virtual size: 60KB