9b00b8c9c98f6193821f9c9202718180e680045224ed75c64ee677f7990659b6

Sharing

Copy URL Twitter E-mail

General

Target

9b00b8c9c98f6193821f9c9202718180e680045224ed75c64ee677f7990659b6
Size

48KB
MD5

300286ec60f1e7a7753445d1a8972e80
SHA1

fb14c125dbe699477f68c5e508a4e511267f2a4b
SHA256

9b00b8c9c98f6193821f9c9202718180e680045224ed75c64ee677f7990659b6
SHA512

ebc7d83c350a2e31f57bb3a580fc964c5b1208bbce89bff663e73098ab493a2510f428c40c94f00a3a4a6012b2a5a5eb272a12587da37af3ac843974616df452
SSDEEP

768:c4/Vk9yEpxxWcqWMsXtLSa8wk+ZzsCSnIPq0sML:c4/+9yWxx9qWMsXtLt8/+Z53S0sML

Score

N/A

Malware Config

Signatures

Files

9b00b8c9c98f6193821f9c9202718180e680045224ed75c64ee677f7990659b6
.dll windows x86

0f466f86c778cabfc7a656db2f415334

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetProcAddress
WriteProcessMemory
GetCurrentProcess
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
GetModuleHandleA
GetSystemInfo
lstrlenA
VirtualQuery
VirtualProtect
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
lstrcmpiA
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetVersionExA
HeapReAlloc
HeapAlloc
ExitProcess
TerminateProcess
HeapSize
TlsFree
SetLastError
TlsGetValue
GetLastError
TlsAlloc
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

user32

UnhookWindowsHookEx
SetWindowsHookExA
GetActiveWindow
GetForegroundWindow
SendMessageA
CallNextHookEx

imagehlp

ImageDirectoryEntryToData

Exports

Exports

GetLastTickCount
Load
RemoveHook
SetHook
SetOpt

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f466f86c778cabfc7a656db2f415334

Headers

File Characteristics

Imports

kernel32

user32

imagehlp

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 4KB

.shared Size: 4KB - Virtual size: 36B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 4KB

.shared
Size: 4KB - Virtual size: 36B

.reloc
Size: 4KB - Virtual size: 3KB