06e448ee16c2259a1405287112f824fef5e9d37e7f6f877039a94fd198e7f9aa

General

Target

06e448ee16c2259a1405287112f824fef5e9d37e7f6f877039a94fd198e7f9aa
Size

100KB
MD5

30adb74897779238a39fe17ef2a48f70
SHA1

baf62b15358d766c396a911e51a3b405bd8d8c77
SHA256

06e448ee16c2259a1405287112f824fef5e9d37e7f6f877039a94fd198e7f9aa
SHA512

caa440aa1a5f4294ba05d6eb7f710dd229f2ae4e830fc4ceb2c81e26efabc86cba5135852ab9ebc30168e3a78f0f5c1d507a31280adf445bdb1225a603e4c720
SSDEEP

1536:4wmBfATnLxjlnuC98IYUoNMrJnmzjsBhGnXuGYIoghL7RgC+lRDv13Alf:4lJWgbUoNMrJKsynXu5IoG7RgflRDul

Score

N/A

Malware Config

Signatures

Files

06e448ee16c2259a1405287112f824fef5e9d37e7f6f877039a94fd198e7f9aa
.dll windows x86

97c3807720f0f6f83a1750bbbba2de94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateDirectoryA
DeleteFileA
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
CloseHandle
InitializeCriticalSection
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
ExitProcess
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetFilePointer
InterlockedDecrement
InterlockedIncrement
SetStdHandle
FlushFileBuffers
CreateFileA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
ReadFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

CallNextHookEx
MessageBoxA
UnhookWindowsHookEx
SetWindowsHookExA

ollydbg.exe

ord73
ord53
ord88
ord2

Exports

Exports

_ODBG_Pluginaction
_ODBG_Pluginclose
_ODBG_Plugindata
_ODBG_Plugindestroy
_ODBG_Plugininit
_ODBG_Pluginmenu

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

97c3807720f0f6f83a1750bbbba2de94

Headers

File Characteristics

Imports

kernel32

user32

ollydbg.exe

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 3KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 3KB

.rmnet
Size: 60KB - Virtual size: 60KB