f9a81bd6f077e444e55fc8f89a862d60dffdb31c7cfba41849a6b2d045d70e65_unpacked

General

Target

f9a81bd6f077e444e55fc8f89a862d60dffdb31c7cfba41849a6b2d045d70e65_unpacked
Size

13KB
MD5

a2bd94969771e17be6d4a4df66ea2310
SHA1

10b3569b543c65bf3127bed979acd654eccad430
SHA256

70b02b62bb6b3b7bbf8957a93efe138c54feda34c6df9f52c1209795ffc25c6b
SHA512

332fa6eed01318a77c3e49fd373d1d93e410a66d23f44329d9d5ca21d60b2c94f044e8fa219a04a251b8618792a924d9b91f51aa820492a5d8b7c69315b71c1b
SSDEEP

192:LT3kJI6nzHelpxS9/hNWtRCcDcgp78p9hLf3Z3V6GWrf7dp4b33CZaVbdlVb4ML8:LTiFWtRCcR+f3ZF6GWj7du3yYVRlOO

Score

N/A

Malware Config

Signatures

Files

f9a81bd6f077e444e55fc8f89a862d60dffdb31c7cfba41849a6b2d045d70e65_unpacked
.dll windows x86

b76c9ee38d86126d686ee865f3e31021

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
GetCurrentHwProfileA

kernel32

CloseHandle
CreateEventA
CreateMutexA
CreateProcessA
CreateThread
CreateToolhelp32Snapshot
DuplicateHandle
ExitProcess
GetComputerNameA
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetModuleHandleA
GetProcAddress
GetVersion
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalFree
LoadLibraryA
MultiByteToWideChar
OpenProcess
Process32First
Process32Next
ResetEvent
RtlZeroMemory
SetEvent
Sleep
TerminateProcess
VirtualProtect
WaitForSingleObject
lstrcatA
lstrcmpA

user32

CallNextHookEx
CreateDialogIndirectParamW
DispatchMessageA
EnumWindows
FindWindowA
GetClassNameA
GetDlgItem
GetForegroundWindow
GetMessageA
GetWindowLongA
GetWindowTextA
MoveWindow
RegisterHotKey
SendMessageA
SetForegroundWindow
SetLayeredWindowAttributes
SetTimer
SetWindowLongA
SetWindowPos
SetWindowsHookExA
ShowWindow
TranslateMessage

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
closesocket
connect
gethostbyname
recv
select
send
socket

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 653B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b76c9ee38d86126d686ee865f3e31021

Headers

File Characteristics

Imports

advapi32

kernel32

user32

ws2_32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 653B

.reloc Size: 512B - Virtual size: 432B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 653B

.reloc
Size: 512B - Virtual size: 432B