a63b57175697d5cbf931888e04cdcccce4464de4d83a4278bec6d681d06637f4

General

Target

a63b57175697d5cbf931888e04cdcccce4464de4d83a4278bec6d681d06637f4
Size

60KB
MD5

ec18c4682c99b50110d6a03da77ec269
SHA1

872befe9c36b66789ac13e667a8abc38599e63f9
SHA256

a63b57175697d5cbf931888e04cdcccce4464de4d83a4278bec6d681d06637f4
SHA512

128b125e9f3a4d8f763d37ade85403da81673197b161bbbe24db11abcbd72a795a078b567acea3ce3c00365eabec65f29e470c775b6bc1fb3209e7893b9d7a7d
SSDEEP

768:fC71u4ZVLC+SPWUvVV3bKNVB1BBr4JBWjwodirQcdBTGxdpA8JBoH:qpu4PdIRv8B1BBr4J4ttcdBT+dC8joH

Score

N/A

Malware Config

Signatures

Files

a63b57175697d5cbf931888e04cdcccce4464de4d83a4278bec6d681d06637f4
.exe windows x86

9d9d2c7a757a9545550983296188d5a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
ReleaseMutex
GetLastError
CreateMutexA
FlushFileBuffers
SetStdHandle
SetFilePointer
CopyFileA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
InterlockedIncrement
OutputDebugStringA
InterlockedDecrement
lstrcatA
lstrcpyA
CreateThread
WaitForSingleObject
GetModuleHandleA
LoadLibraryA
DebugBreak
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
HeapValidate
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
WriteFile
IsBadWritePtr
IsBadReadPtr
CloseHandle

user32

CallNextHookEx
GetAsyncKeyState
DispatchMessageA
TranslateMessage
GetMessageA
UnhookWindowsHookEx
SetWindowsHookExA
GetClassNameA
FindWindowA
GetForegroundWindow
GetDC

gdi32

GetPixel

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

wsock32

WSACleanup
closesocket
send
connect
ioctlsocket
htons
socket
WSAStartup

Exports

Exports

?KeyEvent@@YGJHIJ@Z
?MouseEvent@@YGJHIJ@Z

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9d9d2c7a757a9545550983296188d5a0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wsock32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 18KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 18KB