5ced168a8122ba90ac1e173a4db2e9798afb1c8136ac0876b5936a65b6a9c3e3

Sharing

Copy URL

Twitter E-mail

General

Target

5ced168a8122ba90ac1e173a4db2e9798afb1c8136ac0876b5936a65b6a9c3e3
Size

48KB
MD5

3933a49fc55c4db6f2410db3789ec4d0
SHA1

82447e78eec71d1104ea6b292289f8c44e01fba3
SHA256

5ced168a8122ba90ac1e173a4db2e9798afb1c8136ac0876b5936a65b6a9c3e3
SHA512

0339994bae875d1dc0aeec270b2ed1541c6cbbb9657674d0bc13a1faa6a035b02aabac9b79d56095d82ebc6bfcda83beb540bddd09e51b317907c1aec6c45a58
SSDEEP

768:LgNTT4aHr3BH7zX7S5aWR6HF3hLP2FXKIuuzwJ:LgxXIaWoHFNP2cIu

Score

N/A

Malware Config

Signatures

Files

5ced168a8122ba90ac1e173a4db2e9798afb1c8136ac0876b5936a65b6a9c3e3
.dll windows x86

e749f02f61adb07a7785dd798383b7a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCrackUrlA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCloseHandle

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

user32

MapVirtualKeyA
GetActiveWindow
GetWindowTextA
GetKeyNameTextA
GetAsyncKeyState
GetKeyboardState
ToAscii
CallNextHookEx
SetWindowsHookExA
GetMessageA
DispatchMessageA
TranslateMessage
UnhookWindowsHookEx
CharToOemA
wsprintfA
IsCharAlphaNumericA

oleaut32

GetErrorInfo

msvcrt

_snprintf
localtime
_strnicmp
_purecall
??3@YAXPAX@Z
_CxxThrowException
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
fopen
fwrite
fclose
time
difftime
_stricmp
realloc
free
strrchr
__CxxFrameHandler
strstr
strncpy
sprintf
atoi
??2@YAPAXI@Z

kernel32

GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetVersion
GetVolumeInformationA
CreateProcessA
SetFilePointer
WriteFile
DeleteFileA
GetComputerNameA
GetTickCount
CreateFileMappingA
MapViewOfFile
OpenProcess
Sleep
GetModuleFileNameA
CreateMutexA
GetLastError
CreateThread
TerminateThread
GetVersionExA
CreateToolhelp32Snapshot
Process32First
Process32Next
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateFileA
GetFileSize
ReadFile
CloseHandle
LoadLibraryA
GetProcAddress
LocalFree
FreeLibrary
lstrlenA
lstrcmpA
lstrcpynA
lstrcpyA
lstrcatA
GetProcessHeap
HeapAlloc
HeapSize
HeapReAlloc
HeapFree

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e749f02f61adb07a7785dd798383b7a4

Headers

File Characteristics

Imports

wininet

advapi32

user32

oleaut32

msvcrt

kernel32

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 44KB

idata Size: 4KB - Virtual size: 268B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 44KB

idata
Size: 4KB - Virtual size: 268B

.reloc
Size: 4KB - Virtual size: 2KB