c28ce7647e5bc1ddb3e45e37c58fb6487f183310397bd0c5e4f274f3473f4bbc

General

Target

c28ce7647e5bc1ddb3e45e37c58fb6487f183310397bd0c5e4f274f3473f4bbc
Size

15KB
MD5

f9b6685f55e9311f5cdeb28228c63023
SHA1

3469ca6128c536d5ad4be0a247dd9e4127dcdabd
SHA256

c28ce7647e5bc1ddb3e45e37c58fb6487f183310397bd0c5e4f274f3473f4bbc
SHA512

f55a353a2d272c72a4f5add1e485eb3fb940ced65fed64e9b06131a2cb878e1fc0472d9972bd025567bed64538a4ba2826b1322de3951bfb95694b6cc536bfe7
SSDEEP

192:KLFScA8WBxxk5wcmGYh53aZZ/xBjru/Q4gdv9Hy60ISO53dx8ErkCxo9lp/VSq:6wkCcmZ53a3ru/FUyDhErkyo9lp/VH

Score

N/A

Malware Config

Signatures

Files

c28ce7647e5bc1ddb3e45e37c58fb6487f183310397bd0c5e4f274f3473f4bbc
.dll windows x86

d521a4e3a3af682b85e3a8c167936a88

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

setsockopt
socket
recv
send
WSAStartup
htons
ioctlsocket
gethostbyname
inet_ntoa
connect
WSAGetLastError
select
shutdown
closesocket

kernel32

GlobalFree
SetFilePointer
RtlUnwind
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
lstrcpyA
ReadFile
CopyFileA
CloseHandle
SetEvent
GetProcAddress
LoadLibraryA
lstrcmpiA
WaitForSingleObject
CreateEventA
GetLastError
CreateMutexA
GetModuleFileNameA
GetModuleHandleA
DisableThreadLibraryCalls
DeleteFileA
GetTempPathA
FindFirstFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
WriteFile
lstrlenA
CreateThread
GlobalUnlock
GlobalAlloc
GlobalLock
GetPrivateProfileSectionA
WritePrivateProfileSectionA
lstrcatA
Sleep

user32

GetParent
GetWindowTextA
GetKeyState
CallNextHookEx
UnhookWindowsHookEx
BroadcastSystemMessageA
SetWindowsHookExA
wsprintfA
OpenClipboard
GetKeyNameTextA
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable

Exports

Exports

HP
HookProc
Init
InstallHook
RemoveHook
stub

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HookSec
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d521a4e3a3af682b85e3a8c167936a88

Headers

File Characteristics

Imports

wsock32

kernel32

user32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 1KB - Virtual size: 2KB

.HookSec Size: 512B - Virtual size: 20B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 1KB - Virtual size: 2KB

.HookSec
Size: 512B - Virtual size: 20B

.reloc
Size: 1KB - Virtual size: 1KB