039baf6ff632b2ee3ddd5fd061041428c2ed2c3c249f46076536c3be8b9b36a1

Sharing

Copy URL Twitter E-mail

General

Target

039baf6ff632b2ee3ddd5fd061041428c2ed2c3c249f46076536c3be8b9b36a1
Size

26KB
MD5

94502abe34c606f5e6ed6ade02b54632
SHA1

cd06bb533092b35f949a759c2257a8b1e9ac826c
SHA256

039baf6ff632b2ee3ddd5fd061041428c2ed2c3c249f46076536c3be8b9b36a1
SHA512

82095330495f021aed573a25ba937a407d041bb4fb844e441a1c1de8402a35ba3d6084bf2db1257e89b3e4d1defdd53a2d58cc6f989c67981796c52cad00d28b
SSDEEP

384:HLksUhEkzzKuXa5zCz3MdPXNZKR3odF7c3r90m8PLd6UaWc1WGYSh7qVaeZ5+:KhE2zKEz3M4o1GmmYwD3dwaq5+

Score

N/A

Malware Config

Signatures

Files

039baf6ff632b2ee3ddd5fd061041428c2ed2c3c249f46076536c3be8b9b36a1
.dll windows x86

0ff5c677103d3a3c3ada94c692348bbb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcpyA
DeleteFileA
ExitProcess
GetModuleFileNameA
VirtualAlloc
GetSystemTime
lstrlenA
LocalAlloc
ReadFile
SetFilePointer
TerminateProcess
lstrlenW
VirtualQuery
GlobalMemoryStatus
GetSystemInfo
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
GetCurrentDirectoryA
CreateThread
DisableThreadLibraryCalls
FreeResource
SizeofResource
LoadResource
FindResourceA
WinExec
IsBadReadPtr
OpenFileMappingA
GetModuleHandleA
GetFileAttributesA
GetCurrentProcess
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
Sleep
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
VirtualProtect
CloseHandle

user32

UnhookWindowsHookEx
GetClipboardData
GetDC
ReleaseDC
CloseClipboard
keybd_event
DrawTextA
SetWindowsHookExA
CallNextHookEx
CharLowerA
FillRect
OpenClipboard

msvcrt

_purecall
memmove
atoi
sprintf
strstr
memcpy
_itoa
strcpy
strcat
strncpy
free
strcmp
__CxxFrameHandler
strlen
??2@YAPAXI@Z
memset
malloc
wcscmp
??3@YAXPAX@Z
_EH_prolog

wininet

HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetReadFile
InternetCloseHandle

gdi32

DeleteDC
GetObjectA
GetStockObject
SetTextColor
GetDIBits
GetDeviceCaps
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
DeleteObject
SetBkColor
SelectPalette
RealizePalette
CreateFontA

gdiplus

GdiplusShutdown
GdiplusStartup
GdipSaveImageToFile
GdipLoadImageFromFile
GdipCloneImage
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipAlloc

netapi32

Netbios

Exports

Exports

SetHook
UnHook

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ff5c677103d3a3c3ada94c692348bbb

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

wininet

gdi32

gdiplus

netapi32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB