af287ea4f1350cccd83d49f41733fe6750b3f40cd40531bb233747e143d90dbd

General

Target

af287ea4f1350cccd83d49f41733fe6750b3f40cd40531bb233747e143d90dbd
Size

20KB
MD5

55d308f64c57e382583eb18757abd535
SHA1

6651f5b570b57e4998c2bfe042732b7e59e20914
SHA256

af287ea4f1350cccd83d49f41733fe6750b3f40cd40531bb233747e143d90dbd
SHA512

ed2fb62c2b2dc5c29bd5a02356657ba05569241fc19b2892b887a1b6e2fc2708a1b5fecd7552dce31e377c6b67a40002206ec229574906172d0acf57826e90f3
SSDEEP

384:3i5lOwy/HmXfNsU4WqTRsUzlkY1O5JpJgLa0MpFA:hT/HmXf6fRsUzmtLgLa1o

Score

N/A

Malware Config

Signatures

Files

af287ea4f1350cccd83d49f41733fe6750b3f40cd40531bb233747e143d90dbd
.dll windows x86

4bd07b186d4c456cbfce92067bce24a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

shell32

ord680
SHGetSpecialFolderPathA

advapi32

RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegNotifyChangeKeyValue

user32

UnhookWindowsHookEx
SetWindowsHookExA
SetWindowTextA
GetWindowTextA
GetParent
GetFocus
GetClassNameA
FindWindowA
EnumChildWindows
CharLowerBuffA
CallWindowProcA
CallNextHookEx
wsprintfA

kernel32

GetTempPathA
GlobalAddAtomA
GlobalFindAtomA
CloseHandle
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
Sleep
SetFilePointer
SetFileAttributesA
RtlFillMemory
GetProcAddress
CreateFileA
CreateThread
DeleteFileA
ExitThread
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
LoadLibraryA

shlwapi

StrToIntA
StrTrimA
StrStrA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bd07b186d4c456cbfce92067bce24a1

Headers

File Characteristics

Imports

wininet

shell32

advapi32

user32

kernel32

shlwapi

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 11KB

.reloc Size: 1024B - Virtual size: 860B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 11KB

.reloc
Size: 1024B - Virtual size: 860B