545a98589ca4e2146f22b845ae670d056b7b87d14247fcd401a1b77a2c14f0a1

General

Target

545a98589ca4e2146f22b845ae670d056b7b87d14247fcd401a1b77a2c14f0a1
Size

9KB
MD5

7ff05c8286ef8af9bd510432d0d7cee1
SHA1

170e33d229ae6be2c1a3fb233f8ee2e6cbf52b43
SHA256

545a98589ca4e2146f22b845ae670d056b7b87d14247fcd401a1b77a2c14f0a1
SHA512

eefd49e223b26a540ab813b673b946710aefb82aaa735bc0068d479b4a93c8055f207574754c4b0f6991955c1bc16d92cf8108e15bae4e19fd6e9cc1d7ca3b25
SSDEEP

192:ehBPIcgjqxL9DPezyiH4XCAVJPwHJTOHWxDhCRWQ:ehBgcgjqxL9jezZCCA+KB

Score

N/A

Malware Config

Signatures

Files

545a98589ca4e2146f22b845ae670d056b7b87d14247fcd401a1b77a2c14f0a1
.dll windows x86

5a47d4f28fe20a0e99fea5427fb5eb94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryW
CreateFileA
CreateProcessA
CreateThread
ExitProcess
FreeLibraryAndExitThread
GetCommandLineA
GetModuleFileNameA
GetProcAddress
GetShortPathNameA
LoadLibraryA
OpenEventA
RtlZeroMemory
Sleep
TerminateThread
VirtualAlloc
VirtualProtect
WaitForSingleObject
WinExec
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
lstrlenW

user32

CallWindowProcA
CreateDialogParamW
FindWindowW
SetWindowLongA
SetWindowTextW
ShowWindow
wsprintfA

advapi32

CloseServiceHandle
ControlService
CreateServiceA
DeleteService
OpenSCManagerA
OpenServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA

ws2_32

WSASocketA
closesocket
connect
gethostbyname
ioctlsocket
ntohs
recv
select
send
setsockopt
socket

wininet

InternetConnectA

wintrust

WinVerifyTrust

shell32

ShellExecuteA
StrRChrA

icmp

IcmpCloseHandle
IcmpCreateFile
IcmpSendEcho

Exports

Exports

AddProcessExclusion
GetChangeRect
GetChangedWindowList
IsTitleBarButtonPressed
RemoveProcessExclusion
SetButtonXOffset
SetSingleWindow
ShowTitleBarButton
StartHooks
StopHooks

Sections

.code
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

5a47d4f28fe20a0e99fea5427fb5eb94

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

wininet

wintrust

shell32

icmp

Exports

Exports

Sections

.code Size: 8KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 676B

.code
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 676B