cb0277f86026cb90ce010620039191c9c5d59ad6081170958469b062eb8900b9

Sharing

Copy URL Twitter E-mail

General

Target

cb0277f86026cb90ce010620039191c9c5d59ad6081170958469b062eb8900b9
Size

19KB
MD5

7e06015dfe6a78c193aab1e9c175bbec
SHA1

504557c0d410a6d88c55070d5293261f2ee85823
SHA256

cb0277f86026cb90ce010620039191c9c5d59ad6081170958469b062eb8900b9
SHA512

12b6e8fe2d13f716b02ddde6b191be373e89e928183b1f7feba06005563d19ff2b771f23decdfa5b472e9b8204e22ce8d2d479169b29f857e4a8b82f5e100bcb
SSDEEP

384:PsrgwJZfpEAKgM1ERPmIHtfwesNq81+F79Do7D9068CLd6U9Wc1WAdLhZ:K9bnMVCtfGp1+1i7e6tNfPZ

Score

N/A

Malware Config

Signatures

Files

cb0277f86026cb90ce010620039191c9c5d59ad6081170958469b062eb8900b9
.dll windows x86

9f6a233510252bb6ed2142c376640704

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
lstrlenA
LocalAlloc
ReadFile
SetFilePointer
TerminateProcess
GetCurrentProcess
lstrlenW
VirtualQuery
GlobalMemoryStatus
GetSystemInfo
VirtualProtect
GetModuleFileNameA
GetSystemTime
GetFileSize
MapViewOfFile
CreateFileMappingA
GetCurrentDirectoryA
CreateThread
DisableThreadLibraryCalls
IsBadReadPtr
GetModuleHandleA
GetCommandLineA
ExitProcess
DeleteFileA
FreeLibrary
lstrcmpA
lstrcpyA
lstrcatA
LoadLibraryA
MultiByteToWideChar
Sleep
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
UnmapViewOfFile
CloseHandle

user32

CloseClipboard
ReleaseDC
GetDC
GetClipboardData
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
OpenClipboard
CharLowerA
keybd_event

msvcrt

??2@YAPAXI@Z
strlen
__CxxFrameHandler
_EH_prolog
_purecall
memmove
atoi
sprintf
strstr
memcpy
_itoa
strcpy
strcat
strncpy
strncmp
malloc
wcscmp
??3@YAXPAX@Z
memset

wininet

InternetCloseHandle
InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA

gdi32

GetDIBits
SelectPalette
RealizePalette
GetObjectA
DeleteDC
GetDeviceCaps
CreateDCA
GetStockObject

gdiplus

GdipCloneImage
GdiplusShutdown
GdipDisposeImage
GdipFree
GdiplusStartup
GdipAlloc
GdipLoadImageFromFile
GdipSaveImageToFile
GdipGetImageEncodersSize
GdipGetImageEncoders

netapi32

Netbios

Exports

Exports

SetHook
UnHook

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f6a233510252bb6ed2142c376640704

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

wininet

gdi32

gdiplus

netapi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB