397c0f34635c4a0de4b48ce3bfeccede42416232e1dee5c6607cbf5bbbe20543

Sharing

Copy URL Twitter E-mail

General

Target

397c0f34635c4a0de4b48ce3bfeccede42416232e1dee5c6607cbf5bbbe20543
Size

50KB
MD5

0d00280cb7393ae459e246fc4317d8f0
SHA1

fbbd2ad5fb92d52413f16aa0c75f29f918f90038
SHA256

397c0f34635c4a0de4b48ce3bfeccede42416232e1dee5c6607cbf5bbbe20543
SHA512

e260c6bbd1f396462476f9b67fb20077e94e70b901cf91c808f41b775b7860d05ca5b5e3b2dcfe49748e5d9d3b1a14a2944faa718697ee1cc7da29cfe6d41d51
SSDEEP

768:Dlr7bVimhapVnOW6jFyOg414fmq3mO/ZUJ/nTu36qBPDxWzjQ:DlHvYOW6jFyOnOB/mn63HDxEjQ

Score

N/A

Malware Config

Signatures

Files

397c0f34635c4a0de4b48ce3bfeccede42416232e1dee5c6607cbf5bbbe20543
.dll windows x86

f7b68aec430de3e98f16d40a954a1154

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
CreateFileA
ReadFile
MultiByteToWideChar
DeleteFileA
GlobalAlloc
GlobalLock
WriteFile
GlobalUnlock
GlobalFree
GetTempPathA
GetTickCount
WideCharToMultiByte
GetPrivateProfileStringA
GetModuleFileNameA
CreateMutexA
GetLastError
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
GetSystemTime
CopyFileA
SetFilePointer
lstrlenA
ExitProcess
lstrcmpA
Sleep
CloseHandle
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
VirtualProtect
IsBadReadPtr
lstrcpyA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
GetSystemDirectoryA
CreateThread
OutputDebugStringA

user32

UnhookWindowsHookEx
CallNextHookEx
GetSystemMetrics
EnumWindows
PrintWindow
GetDC
ReleaseDC
IsRectEmpty
GetWindowTextA
IsWindowVisible
IsIconic
GetActiveWindow
ShowWindow
SetForegroundWindow
FindWindowA
FindWindowExA
GetWindowThreadProcessId
GetWindowInfo
PostThreadMessageA

gdi32

GetObjectA
CreateDCA
GetDeviceCaps
DeleteDC
GetStockObject
SelectPalette
RealizePalette
GetDIBits
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject

gdiplus

GdipSaveImageToFile
GdipCloneImage
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDisposeImage
GdipAlloc
GdipFree
GdipGetImageEncodersSize
GdiplusStartup
GdiplusShutdown
GdipGetImageEncoders

wininet

InternetConnectA
HttpEndRequestA
InternetCloseHandle
InternetOpenA
HttpSendRequestExA
HttpAddRequestHeadersA
HttpOpenRequestA

msvcrt

memset
??2@YAPAXI@Z
??3@YAXPAX@Z
atoi
malloc
free
wcscmp
strstr
memmove
sprintf
??1type_info@@UAE@XZ
_except_handler3

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

DeleteSelf
KsCreateAllocator
KsCreateClock
KsCreatePin
KsCreateTopologyNode
PPPP
QQQQ

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7b68aec430de3e98f16d40a954a1154

Headers

File Characteristics

Imports

kernel32

user32

gdi32

gdiplus

wininet

msvcrt

version

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 17KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 17KB

.reloc
Size: 4KB - Virtual size: 2KB