c70cc2d0decf901bc6bed26be6c6d14b06f6c6a9b749a04a87eecc12eaebd16f

Sharing

Copy URL Twitter E-mail

General

Target

c70cc2d0decf901bc6bed26be6c6d14b06f6c6a9b749a04a87eecc12eaebd16f
Size

30KB
MD5

118e7a17194938e8cae3c1176958eed0
SHA1

3267dd6a10f82793038bdbe58d51569a552d5d59
SHA256

c70cc2d0decf901bc6bed26be6c6d14b06f6c6a9b749a04a87eecc12eaebd16f
SHA512

578a6ff892655d871780fe882d90114c5b65e67f5447366bb71ebab8b2364e308dd30107edeedf70b3bb31ba83fe64e60b33201585445bc004bed67677ff9773
SSDEEP

768:pPM7DuqKuEyWf06Vq9jsjG73AkBCFXtT4:pU/eyWf0iqRYx4

Score

N/A

Malware Config

Signatures

Files

c70cc2d0decf901bc6bed26be6c6d14b06f6c6a9b749a04a87eecc12eaebd16f
.dll windows x86

f015533c4a99bd4649781f813f9f3dbb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateRemoteThread
VirtualAllocEx
OpenProcess
GetProcAddress
GetModuleHandleA
lstrlenA
GetCurrentProcess
ResumeThread
TerminateProcess
GetModuleFileNameA
VirtualProtectEx
WriteProcessMemory
GetPrivateProfileStringA
ReadProcessMemory
SetUnhandledExceptionFilter
SetThreadContext
OpenThread
ReadFile
CreateFileA
WideCharToMultiByte
MultiByteToWideChar
CreateProcessA
CloseHandle
LoadLibraryA
ExitProcess
GetSystemDirectoryA
GetCurrentThreadId
GetTickCount
RaiseException
SetFilePointer
WriteFile
DeleteFileA
InitializeCriticalSection
VirtualProtect
LeaveCriticalSection
EnterCriticalSection
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcessId
CreateMutexA
GetLastError
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetCommandLineA
IsBadReadPtr
TerminateThread
VirtualAlloc
CreateThread

user32

CallNextHookEx
GetWindowThreadProcessId
GetWindowTextA
FindWindowA
UnhookWindowsHookEx
GetForegroundWindow

shlwapi

PathFileExistsA

msvcrt

srand
wcslen
_stricmp
_strlwr
_strcmpi
_strupr
_ltoa
rand
strcmp
fopen
fread
fclose
strstr
??2@YAPAXI@Z
memcpy
strrchr
memset
sprintf
strcat
strcpy
strlen
atoi
??3@YAXPAX@Z
strncpy
strchr

Exports

Exports

ccc
ddd

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f015533c4a99bd4649781f813f9f3dbb

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 14KB

sdt Size: 512B - Virtual size: 140B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 14KB

sdt
Size: 512B - Virtual size: 140B

.reloc
Size: 3KB - Virtual size: 2KB