bc4efad76a58c65c63699064ce69a18206ecb9deb46cc2726ceb52c0d2fc256e

Sharing

Copy URL Twitter E-mail

General

Target

bc4efad76a58c65c63699064ce69a18206ecb9deb46cc2726ceb52c0d2fc256e
Size

92KB
MD5

bc31226e6c674df11fadfb2b390da0d0
SHA1

a203047e96bbbff6eca539ffd867c89df4f75c9c
SHA256

bc4efad76a58c65c63699064ce69a18206ecb9deb46cc2726ceb52c0d2fc256e
SHA512

695e0f7b235586ca77aba519199743e14c810006ac1089a6f37099327be4fa189365a9bd03b94fd72cdba3dc25bb0beb649d298ad357125566e325d3d238e014
SSDEEP

1536:p96FfbhTOd+EuxaUvKktFVR6AUiC10UT7mM6UIoZozV5reetVnR:p9IfbkIrqwyELJtVnR

Score

N/A

Malware Config

Signatures

Files

bc4efad76a58c65c63699064ce69a18206ecb9deb46cc2726ceb52c0d2fc256e
.dll windows x86

649b0007bedf1c610cf4b0fa67ab3ac8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetCurrentProcessId
OutputDebugStringA
ReadFile
VirtualProtectEx
Module32Next
Module32First
CreateToolhelp32Snapshot
GetProcAddress
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetCurrentDirectoryA
GetCurrentProcess
TerminateProcess
WideCharToMultiByte
CreateThread
DeleteFileA
GetTempPathA
Sleep
MultiByteToWideChar
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
CloseHandle
lstrcmpiA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
RtlUnwind
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
HeapReAlloc
HeapSize
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType

user32

ReleaseDC
wsprintfA
GetWindowRect
GetDC
GetDesktopWindow
DrawTextA
FillRect
CallNextHookEx
GetClassNameA
GetWindowTextA
SetWindowsHookExA
UnhookWindowsHookEx

gdi32

SetBkColor
SetTextColor
CreateFontA
CreateDCA
GetDeviceCaps
DeleteDC
GetObjectA
GetStockObject
SelectPalette
RealizePalette
GetDIBits
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
CreateSolidBrush

wininet

InternetConnectA
InternetCloseHandle
InternetOpenA
HttpSendRequestA
InternetReadFile
HttpOpenRequestA

gdiplus

GdipGetImageEncoders
GdipGetImageEncodersSize
GdiplusShutdown
GdipSaveImageToFile
GdipLoadImageFromFile
GdiplusStartup
GdipFree
GdipDisposeImage
GdipCloneImage
GdipAlloc

iphlpapi

GetAdaptersInfo

Exports

Exports

SetHook
UnHook

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d9dl
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

649b0007bedf1c610cf4b0fa67ab3ac8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

wininet

gdiplus

iphlpapi

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 23KB

.d9dl Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 23KB

.d9dl
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB