df0de6af7a3519a56d0045009bda8b9e7a8286ebe1c088bbc14537742fbb145d

General

Target

df0de6af7a3519a56d0045009bda8b9e7a8286ebe1c088bbc14537742fbb145d
Size

32KB
MD5

93115ab312b212e31db33aa68b72c8b0
SHA1

8f567815e150181102d6afee055e80b4fd344c4a
SHA256

df0de6af7a3519a56d0045009bda8b9e7a8286ebe1c088bbc14537742fbb145d
SHA512

ea6b43c395bad7c9cb0c741aa1592584b75049288906ccb70d232d473dae686d7a1c4fdaacfee9fe4a5fc3d6e4cf141f607cb6ae28e074e1eaff9de7cc95b498
SSDEEP

768:mfXzv8TsBx284yM9apqz15QL3l7Uo9Q7Fn:4Xzv8sBxtqzugqQ7V

Score

N/A

Malware Config

Signatures

Files

df0de6af7a3519a56d0045009bda8b9e7a8286ebe1c088bbc14537742fbb145d
.dll windows x86

3cd33601b545e82a4f0dad7fcb029822

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetCloseHandle
InternetConnectA

ws2_32

WSCEnumProtocols
WSCGetProviderPath

shlwapi

PathRemoveFileSpecA
PathFileExistsA

user32

FindWindowA
GetDlgItemTextA
GetWindowThreadProcessId
CallNextHookEx
GetWindowLongA
UnhookWindowsHookEx
wsprintfA
wsprintfW
SetWindowsHookExA

kernel32

GetSystemInfo
GetModuleHandleA
VirtualProtect
GetCurrentProcessId
GetSystemTime
lstrcpyA
IsBadReadPtr
CreateThread
LoadLibraryW
ExpandEnvironmentStringsW
LocalAlloc
LoadLibraryA
GetProcAddress
lstrcmpiA
GetLastError
lstrlenW
GetCurrentProcess
lstrcatA
ReadFile
TerminateProcess
VirtualQuery
GlobalMemoryStatus
GetModuleFileNameA
GlobalFree
MultiByteToWideChar
Sleep
GlobalAlloc
lstrlenA
WriteFile
SetFilePointer
CloseHandle
CreateFileA
RtlFillMemory
RtlMoveMemory

Exports

Exports

SetHook
UnHook
WSPStartup

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cd33601b545e82a4f0dad7fcb029822

Headers

File Characteristics

Imports

wininet

ws2_32

shlwapi

user32

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 4KB

.vmp0 Size: 17KB - Virtual size: 16KB

.reloc Size: 1024B - Virtual size: 980B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 4KB

.vmp0
Size: 17KB - Virtual size: 16KB

.reloc
Size: 1024B - Virtual size: 980B