76cf8c74ca0258ba8a59f57e64c3dbf1d77d783331f626c633c160896db22721

General

Target

76cf8c74ca0258ba8a59f57e64c3dbf1d77d783331f626c633c160896db22721
Size

28KB
MD5

916b18295e72859d06d53653afee0c35
SHA1

8b22fc9ebad313eddfb1942da78d83d0d6e145dd
SHA256

76cf8c74ca0258ba8a59f57e64c3dbf1d77d783331f626c633c160896db22721
SHA512

18d0d3d086e9c95775ed8697c497436e9dbf110aa2dbf3fcf3903d51d3cf1698acf9786c48ed7e5c82ee4b36695581f9a78082df2e4fa724f6f888c334940c5c
SSDEEP

96:4k3IOIT00cZElLh4Itl2qxGUqoDOvwwwniqnA7ug:iOITb4E/4ItaU3Sv1wiqA7ug

Score

N/A

Malware Config

Signatures

Files

76cf8c74ca0258ba8a59f57e64c3dbf1d77d783331f626c633c160896db22721
.dll windows x86

961b8b0c49452beaad9d70290ba0a75d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord825
ord1168
ord1253
ord342
ord823
ord1182
ord941
ord939
ord6385
ord2915
ord800
ord858
ord2820
ord3811
ord5186
ord354
ord2764
ord860
ord540
ord537
ord1979
ord3663
ord665
ord535

msvcrt

_except_handler3
?terminate@@YAXXZ
free
_initterm
malloc
_adjust_fdiv
memset
sprintf
_strdup
_strlwr
__CxxFrameHandler
strlen
_strupr
_EH_prolog

user32

MapVirtualKeyA
CallNextHookEx
GetKeyState
GetWindowTextA
GetActiveWindow
GetWindowLongA
FindWindowExA
UnhookWindowsHookEx
GetFocus
SetWindowsHookExA

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA

Exports

Exports

??0CHook@@QAE@XZ
??1CHook@@UAE@XZ
??_7CHook@@6B@
?HookInstaller@CHook@@QAEPAUHHOOK__@@XZ
?HookUninstaller@CHook@@QAEHXZ
_HookProc@12
_KeyboardProc@12

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

961b8b0c49452beaad9d70290ba0a75d

Headers

File Characteristics

Imports

mfc42

msvcrt

user32

advapi32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 236B

Shared Size: 4KB - Virtual size: 20B

.rsrc Size: 4KB - Virtual size: 904B

.reloc Size: 4KB - Virtual size: 516B

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 236B

Shared
Size: 4KB - Virtual size: 20B

.rsrc
Size: 4KB - Virtual size: 904B

.reloc
Size: 4KB - Virtual size: 516B