fed656a0b417fa54b490794c9f025da7f1c04d5e1b20238f5ecc37bc76dbeb68

Sharing

Copy URL Twitter E-mail

General

Target

fed656a0b417fa54b490794c9f025da7f1c04d5e1b20238f5ecc37bc76dbeb68
Size

206KB
MD5

06fb3bf84f4c2b72edb423f25eda9550
SHA1

adc80bcc3a754e13d56dd4289fe225d681fe1518
SHA256

fed656a0b417fa54b490794c9f025da7f1c04d5e1b20238f5ecc37bc76dbeb68
SHA512

8ac593a3af99fe7688177d57eceaa9bef91ce2795c24cff6414b1d962780d8839d978d6636a874f062a72356b965963f2f660e1bd37c855256a664a5dd025979
SSDEEP

3072:NhdyOz32XFTvM5SB+A4G6VJ3/mD6JtaygVxgLEVGGhf:YOCVjdB+PGWvHJkjVGGh

Score

N/A

Malware Config

Signatures

Files

fed656a0b417fa54b490794c9f025da7f1c04d5e1b20238f5ecc37bc76dbeb68
.dll windows x86

a6373989cb51147de0ff2ae9ba8e7758

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
lstrcatA
GetUserDefaultLangID
GlobalUnlock
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GlobalLock
GlobalAlloc
LoadLibraryW
OpenProcess
GetProcessHeap
HeapFree
HeapAlloc
CloseHandle
lstrcpyW
lstrcpyA
lstrcmpiA
GetModuleHandleA
GetModuleFileNameA
GetCurrentProcess
Sleep
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
GetFullPathNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
GetSystemTimeAsFileTime

user32

BeginPaint
EndPaint
FindWindowA
GetWindowThreadProcessId
DrawFrameControl
GetSysColor
GetSysColorBrush
SetRect
LoadBitmapA
LoadImageW
GetPropA
SetPropA
RedrawWindow
GetForegroundWindow
DestroyWindow
GetMenuItemInfoA
SetMenuItemBitmaps
DeleteMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetSystemMenu
GetSystemMetrics
IsWindowEnabled
GetAsyncKeyState
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
ShowWindow
IsMenu
IsWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
SystemParametersInfoA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetClassNameA
EnumWindows
RemovePropA
GetParent
GetDesktopWindow
GetClassLongA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
IsRectEmpty
OffsetRect
UnionRect
IntersectRect
SetRectEmpty
ScreenToClient
ClientToScreen
GetCursorPos
SetCursorPos
MessageBoxA
GetWindowRect
GetClientRect
SetMenuDefaultItem
GetWindowTextA
PostMessageA
SendMessageA
RegisterWindowMessageA
wsprintfA
LoadStringA
FindWindowExA

gdi32

GetObjectA
CreateSolidBrush
SelectObject
StretchBlt
DeleteObject
CreateRectRgn
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
ExtFloodFill
CreateDCA
DeleteDC

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCreateKeyA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegEnumValueA

msvcr110

_except_handler4_common
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
_initterm_e
_initterm
_malloc_crt
free
_amsg_exit
__CppXcptFilter
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
sscanf_s
atol
atoi
_mbsstr
_strupr_s
strstr
_strnicmp
strncmp
_strlwr_s
_stricmp
strchr
sprintf_s
memset
memcpy
__clean_type_info_names_internal

Exports

Exports

HookMessages
SetMonitorPowerDown
SetShadows
SnapMax
UnhookMessage
UpdateHookAppConfiguration
UpdateHookConfiguration

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6373989cb51147de0ff2ae9ba8e7758

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcr110

Exports

Exports

Sections

.text Size: 62KB - Virtual size: 61KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 2KB

.sdata Size: 66KB - Virtual size: 66KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 7KB - Virtual size: 6KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 62KB - Virtual size: 61KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 2KB

.sdata
Size: 66KB - Virtual size: 66KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 7KB - Virtual size: 6KB

.rmnet
Size: 56KB - Virtual size: 60KB