8ba1a780c95043c4beb72419f09b95ec95f37288e1f22c8d7c52951fc984a9c7

General

Target

8ba1a780c95043c4beb72419f09b95ec95f37288e1f22c8d7c52951fc984a9c7
Size

10KB
MD5

21cd7afaea65509133de3da91ccc290f
SHA1

5549a0eaf3b046ba03949f24278b4eee77665c85
SHA256

8ba1a780c95043c4beb72419f09b95ec95f37288e1f22c8d7c52951fc984a9c7
SHA512

e372496f3a51cf830ee752d633f071a27fcabc1dc0fc9c2b57c8785d95145dc29ae9d7a137e7bf106e9f0d1d5a8b269fa2ce6bcaac9cbea6b77b011025650916
SSDEEP

192:jP/r2lxfFsxGO3A/UG/lFrWG1LaMNonnKoedAA0VPwkHJTjCrWDS31My:jP/qdRnlFP1LInJed0HPCACv

Score

N/A

Malware Config

Signatures

Files

8ba1a780c95043c4beb72419f09b95ec95f37288e1f22c8d7c52951fc984a9c7
.dll windows x86

416613dcc2b918e7950920566ea2916e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryW
CreateFileA
CreateFileMappingA
CreateProcessA
CreateThread
ExitProcess
FreeLibraryAndExitThread
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
LoadLibraryA
LocalAlloc
MapViewOfFile
OpenEventA
RtlZeroMemory
Sleep
TerminateThread
UnmapViewOfFile
VirtualAlloc
VirtualProtect
WaitForSingleObject
WinExec
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
lstrlenW

user32

DefWindowProcW
FindWindowW
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
wsprintfA

advapi32

CloseServiceHandle
ControlService
CreateServiceA
DeleteService
OpenSCManagerA
OpenServiceA
RegCloseKey
RegDeleteValueA
RegOpenKeyA
RegSetValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA

ws2_32

WSASocketA
closesocket
connect
gethostbyname
ioctlsocket
ntohs
recv
select
send
setsockopt
socket

wininet

InternetConnectA

wintrust

WinVerifyTrust

shell32

ShellExecuteA
StrRChrA

icmp

IcmpCloseHandle
IcmpCreateFile
IcmpSendEcho

Exports

Exports

AddProcessExclusion
GetChangeRect
GetChangedWindowList
IsTitleBarButtonPressed
RemoveProcessExclusion
SetButtonXOffset
SetSingleWindow
ShowTitleBarButton
StartHooks
StopHooks

Sections

.code
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

416613dcc2b918e7950920566ea2916e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

wininet

wintrust

shell32

icmp

Exports

Exports

Sections

.code Size: 9KB - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 648B

.code
Size: 9KB - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 648B