812d363bbbccc112158b0a0e368a403ac69ad0343f482c134282a2a0da062db2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

812d363bbbccc112158b0a0e368a403ac69ad0343f482c134282a2a0da062db2
Size

3KB
MD5

ab288e75aec950c979e66a66103b78a1
SHA1

5f083da78b659b250e94b259b097023d54b8a2bf
SHA256

812d363bbbccc112158b0a0e368a403ac69ad0343f482c134282a2a0da062db2
SHA512

98fcecea1525b80ec6c19860ab779bce99b9da8035e3d166d975a9d2cb8fd3fde8e6a49e9dfd8371f9f8b9862174716a4f3bee5a277894d6a0d154307ea90b3c

Score

N/A

Malware Config

Signatures

Files

812d363bbbccc112158b0a0e368a403ac69ad0343f482c134282a2a0da062db2
.dll windows x86

5d67ca2286452ee6c1a6d95cd09ea0b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
Sleep
GetLastError
lstrcmpiW
CreateMutexA
CloseHandle
CreateThread
HeapFree
lstrcpynW
GetProcAddress
VirtualAlloc
GetModuleHandleA
VirtualProtect
WriteProcessMemory
GetCurrentProcess
HeapAlloc
ReadProcessMemory

user32

SetWindowsHookExA
CallNextHookEx

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ