872c37941e97dcf15adf549c02724e7f54b3d79eac1207af536f692177649f9f

General

Target

872c37941e97dcf15adf549c02724e7f54b3d79eac1207af536f692177649f9f
Size

10KB
MD5

786cbfd0078dcff5c3c2301c9b4c5444
SHA1

a27cb2306e8eb0fe76123def0d97bc70f9fa1411
SHA256

872c37941e97dcf15adf549c02724e7f54b3d79eac1207af536f692177649f9f
SHA512

0c40f8baf8a35af9b5ff11cff06a2ee5145aaad0314b8abe596d763f27a6a3cd1d61d9c23758bf406994873ef23b9cef24d54b9ee51381c331c70771831803ff
SSDEEP

192:83Y3b13zTeHDv1Cix3tsNlXNBb1/hePRX/GF:t321CM3ts79B9heZX/G

Score

N/A

Malware Config

Signatures

Files

872c37941e97dcf15adf549c02724e7f54b3d79eac1207af536f692177649f9f
.dll windows x86

d56dc0821df141a71e45ef3ca676a5bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
WriteProcessMemory
OpenProcess
lstrlenA
WideCharToMultiByte
lstrlenW
Module32Next
Module32First
GetWindowsDirectoryA
GetCurrentThreadId
GetLastError
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
VirtualAllocEx
FindClose
FindNextFileA
FindFirstFileA
FreeLibrary
DeleteFileA
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateMutexA
LoadLibraryA
ReleaseMutex
RtlZeroMemory
lstrcpyA
GetCurrentProcessId
Sleep
GetModuleFileNameA
CreateThread
lstrcatA
CloseHandle

user32

wsprintfA
GetMessageA
PostThreadMessageA
SetWindowsHookExA
GetWindowThreadProcessId
CallNextHookEx
UnhookWindowsHookEx
EnumWindows

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

shlwapi

StrStrIA
PathFileExistsA

msvcrt

strcmp
isprint
strstr

Exports

Exports

SetMsgHook
ins

Sections

.bss
Size: - Virtual size: 67KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shard
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d56dc0821df141a71e45ef3ca676a5bf

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

Exports

Exports

Sections

.bss Size: - Virtual size: 67KB

.data Size: 7KB - Virtual size: 6KB

shard Size: 512B - Virtual size: 268B

.reloc Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 67KB

.data
Size: 7KB - Virtual size: 6KB

shard
Size: 512B - Virtual size: 268B

.reloc
Size: 1KB - Virtual size: 1KB