1bbd0bd0ce2fa046364779b0364f9b2a6112e0ca2b6afe11655ac67b3e9962f6

General

Target

1bbd0bd0ce2fa046364779b0364f9b2a6112e0ca2b6afe11655ac67b3e9962f6
Size

33KB
MD5

0cbe96ce1941fd32fde80ff7272fe210
SHA1

778fa4a2c081833b523cfe82a03b3d9f82fe3957
SHA256

1bbd0bd0ce2fa046364779b0364f9b2a6112e0ca2b6afe11655ac67b3e9962f6
SHA512

be1c23bbe18e3bc345ce5b60060b276de2de093ff8a14f5910cbfbb582b2f07de97516d2f86167f8b0281e0494e3b5a1a8019dd9493e26881e4f591c0d643aff
SSDEEP

768:OPcTpwUIWydN/q1K5Y8X4XzrsduY9P/BBQARQka6+AIlsZ:EZWyc0uY9P/BBQARTH

Score

N/A

Malware Config

Signatures

Files

1bbd0bd0ce2fa046364779b0364f9b2a6112e0ca2b6afe11655ac67b3e9962f6
.dll windows x86

ce8a94fcfd90384a288230360724ce9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

closesocket
gethostname

ntdll

sscanf
RtlNumberGenericTableElements
RtlInsertElementGenericTable
RtlInitializeGenericTable
RtlGetElementGenericTable
RtlDeleteElementGenericTable
strstr
_snprintf
RtlZeroMemory
RtlUnwind
memcmp
memcpy
strlen

kernel32

GetPrivateProfileStringA
lstrcpynA
WriteFile
VirtualProtectEx
VirtualFree
VirtualAlloc
UnmapViewOfFile
MoveFileExA
MapViewOfFile
GetTempPathA
GetTempFileNameA
GetSystemDirectoryA
GetStartupInfoA
GetLastError
GetExitCodeThread
DeleteFileA
CreateProcessA
GlobalAlloc
GlobalFree
CloseHandle
CreateThread
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
Sleep
TerminateThread
WaitForSingleObject
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
CreateFileMappingA
WideCharToMultiByte
CreateFileA
GetFileSize
ReadFile
IsBadReadPtr

user32

wsprintfA
EnumWindows
GetWindowTextA
GetWindowThreadProcessId
CallNextHookEx
FindWindowA
KillTimer
RegisterWindowMessageA
SendMessageA
SetTimer
SetWindowsHookExA
UnhookWindowsHookEx

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce8a94fcfd90384a288230360724ce9e

Headers

File Characteristics

Imports

ws2_32

ntdll

kernel32

user32

Sections

.text Size: 25KB - Virtual size: 25KB

.bss Size: - Virtual size: 12B

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 900B

.text
Size: 25KB - Virtual size: 25KB

.bss
Size: - Virtual size: 12B

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 900B