916209f23914a20c2be37608f66bc802ff9636ea0e7bc6b8b41e9adeb721930e

General

Target

916209f23914a20c2be37608f66bc802ff9636ea0e7bc6b8b41e9adeb721930e
Size

20KB
MD5

956646cada873b5065350778d8842e8b
SHA1

332ce9eac98c21ccca09b3ae6552ea02ed2375cf
SHA256

916209f23914a20c2be37608f66bc802ff9636ea0e7bc6b8b41e9adeb721930e
SHA512

58e3d2b6b6b0d38b0252c1fd308a2a00f9364369de79de7940d21328e23ab86e8c7046ba42dc3e49f719376a4e94b134f4314df198753058f15dd257840ff692
SSDEEP

384:X/g2uLwHRR7NSqy8LsD1B36dj0RsUzbZY1u9JpJgLa0Mp5:MLoRR7NSqP21BSj0RsUz1JvgLa1

Score

N/A

Malware Config

Signatures

Files

916209f23914a20c2be37608f66bc802ff9636ea0e7bc6b8b41e9adeb721930e
.dll windows x86

85c83b277dbc74d44725c366c3cef260

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

shell32

ord680
SHGetSpecialFolderPathA

advapi32

RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegNotifyChangeKeyValue

user32

UnhookWindowsHookEx
SetWindowsHookExA
SetWindowTextA
GetWindowTextA
GetParent
GetFocus
GetClassNameA
FindWindowA
EnumChildWindows
CharLowerBuffA
CallWindowProcA
CallNextHookEx
wsprintfA

kernel32

GlobalFindAtomA
LoadLibraryA
RtlFillMemory
CreateFileA
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteFile
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
TerminateThread
Sleep
SetFilePointer
CloseHandle
GlobalAddAtomA
CreateThread
DeleteFileA
ExitThread
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetTempPathA
SetFileAttributesA

shlwapi

StrToIntA
StrTrimA
StrStrA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 854B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85c83b277dbc74d44725c366c3cef260

Headers

File Characteristics

Imports

wininet

shell32

advapi32

user32

kernel32

shlwapi

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 11KB

.reloc Size: 1024B - Virtual size: 854B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 11KB

.reloc
Size: 1024B - Virtual size: 854B