235e0b44768111e1c3505bf436eda4e1812f1f28a2ba108e6548e447603425a1

Sharing

Copy URL

Twitter E-mail

General

Target

235e0b44768111e1c3505bf436eda4e1812f1f28a2ba108e6548e447603425a1
Size

120KB
MD5

107851310adaf38ceeec9bcb663ed810
SHA1

4e9b80b327ddb6826329e0bd820dbbbd6ab782ca
SHA256

235e0b44768111e1c3505bf436eda4e1812f1f28a2ba108e6548e447603425a1
SHA512

3ba14d9d7fd281d7d6355730b2727650f8bbb7483b84268c0a73833d4a97a2dab145ef6509e3139bf7c2e396cc7235d8d0d5a7cfc18110ed6362740f219fcd42
SSDEEP

3072:KrHALxDwXmU8d8BrkqeY4Kt9i9EuhZDYkd0E3/i:6ARSJ8d8BrkGt9i9EyVI

Score

N/A

Malware Config

Signatures

Files

235e0b44768111e1c3505bf436eda4e1812f1f28a2ba108e6548e447603425a1
.dll windows x86

ecb2114e70b58e2b42f7ca784c5b9fa3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetCloseHandle
InternetConnectA

advapi32

RegOpenKeyExA
RegCreateKeyA
RegQueryValueExA
RegSetValueExA

ws2_32

connect
htons
socket
closesocket
send
gethostbyname
recv

shlwapi

PathRemoveFileSpecA
PathFileExistsA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

user32

CharLowerW
GetKeyboardState
GetWindowLongA
GetCaretPos
SetCaretPos
GetFocus
SetWindowsHookExA
UnhookWindowsHookEx
wsprintfA
GetKeyState
ToAscii
CallNextHookEx

kernel32

GetSystemInfo
GetModuleHandleA
VirtualProtect
CreateToolhelp32Snapshot
GetCurrentProcessId
GetSystemTime
DeleteFileA
GetLastError
AddVectoredExceptionHandler
lstrcmpiW
lstrcpyW
LocalAlloc
Process32Next
LoadLibraryA
CopyFileA
VirtualAlloc
GetProcAddress
lstrcmpiA
lstrlenW
ReadFile
TerminateProcess
WideCharToMultiByte
GetTickCount
SetEvent
WaitForSingleObject
Process32First
GetCurrentProcess
VirtualQuery
GlobalMemoryStatus
lstrcpyA
CreateThread
ResumeThread
GetTempPathA
GetModuleFileNameA
GetStartupInfoA
lstrcatA
GetSystemDirectoryA
CreateProcessA
CreateEventA
IsBadReadPtr
GlobalFree
MultiByteToWideChar
Sleep
GlobalAlloc
lstrlenA
CloseHandle
CreateFileA
RtlFillMemory
RtlMoveMemory
SetFilePointer
WriteFile
MoveFileExA

Exports

Exports

HandleHookRecvData_FromLsp
HandleHookSendData_FromLsp
SetHook
UnHook

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecb2114e70b58e2b42f7ca784c5b9fa3

Headers

File Characteristics

Imports

wininet

advapi32

ws2_32

shlwapi

version

user32

kernel32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 7KB

.vmp0 Size: 92KB - Virtual size: 91KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 7KB

.vmp0
Size: 92KB - Virtual size: 91KB

.reloc
Size: 1KB - Virtual size: 1KB