f4e784b450d2df34c6b28e0078aae2c9dbc52f7e68275168e50538d365103d54

General

Target

f4e784b450d2df34c6b28e0078aae2c9dbc52f7e68275168e50538d365103d54
Size

10KB
MD5

850b760eb636b92ab6f3273a976c7b42
SHA1

98b9502007747ef1da2433b33708db91d3caaeb5
SHA256

f4e784b450d2df34c6b28e0078aae2c9dbc52f7e68275168e50538d365103d54
SHA512

16680ad130a691b9fbb0cdd9425c0f9ee4b67b884769a83f1adf55d1140f25388a387334a010267d05fdd2e0b7ea93c9a4227da15752973babd88bfad8dfed64
SSDEEP

96:e9yr7JhuQIWYu08lozbDA2zHUoNDtyvXMNsUeEdE7rDt0toscktpz6Q9WGPpSM:eo73/llKb0O08OXrrzrlscPxGPkM

Score

N/A

Malware Config

Signatures

Files

f4e784b450d2df34c6b28e0078aae2c9dbc52f7e68275168e50538d365103d54
.dll windows x86

d0c71302daf40fd7911ca60327188ca8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlZeroMemory
CreateDirectoryW
CreateThread
ExitThread
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetThreadPriority
GlobalFree
LoadLibraryA
MoveFileExA
RemoveDirectoryA
Sleep
VirtualProtect
WinExec
lstrcatA
lstrcmpA
lstrlenW
GlobalAlloc

ntdll

RtlAdjustPrivilege

shell32

SHGetFolderPathA
ShellExecuteA

wininet

InternetReadFile
InternetOpenA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA

advapi32

RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA

user32

SetWindowLongA
ExitWindowsEx
SetWindowTextW
ShowWindow
FindWindowW
SendMessageA
CallWindowProcA
CreateDialogParamW
CreateDialogParamA

wintrust

WinVerifyTrust

Exports

Exports

AddProcessExclusion
GetChangeRect
GetChangedWindowList
IsTitleBarButtonPressed
RemoveProcessExclusion
SetButtonXOffset
SetSingleWindow
ShowTitleBarButton
StartHooks
StopHooks

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0c71302daf40fd7911ca60327188ca8

Headers

File Characteristics

Imports

kernel32

ntdll

shell32

wininet

advapi32

user32

wintrust

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 556B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 556B