19561766728f690d5c6510cad4fb2fdc20ecd94cefa1d8b29f757194de3d6338

Sharing

Copy URL Twitter E-mail

General

Target

19561766728f690d5c6510cad4fb2fdc20ecd94cefa1d8b29f757194de3d6338
Size

23KB
MD5

d682a0743d3ff5e4fea58a9d850cb1c8
SHA1

4e2f5160dface9b565ddef53f870fcab5de9329e
SHA256

19561766728f690d5c6510cad4fb2fdc20ecd94cefa1d8b29f757194de3d6338
SHA512

527f368e8997ce8ec97e0da6cbf3b7fa84701a00159273f2f266765d788cbf4b7948d42a5f4349f2405852e4c73c3e62221156ddbc8ec74bb3dbe9f1b527578f
SSDEEP

384:zZezdX0sO+SaOitjRf8IiatshDDO84z6M3ylLPY9aO9n99FnfbS:zZeBFO+2i3HsA842M3wIvNO

Score

N/A

Malware Config

Signatures

Files

19561766728f690d5c6510cad4fb2fdc20ecd94cefa1d8b29f757194de3d6338
.dll windows x86

c06b466f671b9f1add9a43e6a61cde51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetFileSize
ReadFile
CreateFileA
DeleteFileA
MultiByteToWideChar
GlobalFree
GlobalUnlock
WriteFile
GlobalLock
GlobalAlloc
lstrcpynA
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateThread
GetModuleFileNameA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
GetTickCount
lstrcmpiA
lstrlenA
Sleep
lstrcmpA
lstrcpyA
ExitProcess
GetSystemDirectoryA
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
GetTempPathA
OutputDebugStringA

user32

PostThreadMessageA
UnhookWindowsHookEx
CallNextHookEx
EnumWindows
GetSystemMetrics
GetWindowTextA
IsIconic
GetActiveWindow
ReleaseDC
GetDC
IsRectEmpty
GetWindowThreadProcessId
FindWindowExA
FindWindowA
PrintWindow
GetWindowInfo
SetForegroundWindow
ShowWindow
SetWindowsHookExA

gdi32

GetObjectA
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
CreateDCA
GetDeviceCaps
DeleteDC
GetDIBits
RealizePalette
SelectPalette
GetStockObject
CreateCompatibleBitmap

wininet

InternetConnectA
HttpAddRequestHeadersA
InternetReadFile
HttpQueryInfoA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
HttpEndRequestA
InternetWriteFile
InternetCloseHandle
HttpSendRequestExA

gdiplus

GdipDisposeImage
GdipFree
GdiplusStartup
GdipAlloc
GdipLoadImageFromFile
GdipSaveImageToFile
GdiplusShutdown
GdipGetImageEncodersSize
GdipCloneImage
GdipGetImageEncoders

msvcrt

atoi
memmove
free
malloc
??3@YAXPAX@Z
wcscmp
??2@YAPAXI@Z
_except_handler3
_local_unwind2
strstr

Exports

Exports

InstallService
wwhkf
wwhko

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c06b466f671b9f1add9a43e6a61cde51

Headers

File Characteristics

Imports

kernel32

user32

gdi32

wininet

gdiplus

msvcrt

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 14KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 14KB

.reloc
Size: 2KB - Virtual size: 1KB