cc845e247c96624edc0e6929c383f5b194c48935d802913a042626bdfc919d03

Sharing

Copy URL Twitter E-mail

General

Target

cc845e247c96624edc0e6929c383f5b194c48935d802913a042626bdfc919d03
Size

44KB
MD5

62a637159456a9213872b566dc91a27d
SHA1

43a770a10f53416fd08a7a83457f7594d1b4a041
SHA256

cc845e247c96624edc0e6929c383f5b194c48935d802913a042626bdfc919d03
SHA512

0f7b2738b567be146c538a0412628e72e49c0561f83f67b7c5bbf2b85d412e14452d9e0572729bfe0c2a96f8564ff26d31388c062aabcefa5098c610014d2a98
SSDEEP

768:3Ryjf8AZdyWWOT7gxwz7JsBpbSyAkGTIoVpmQj:hyjf8AZ0WWOT7gUJsH6TIoSQ

Score

N/A

Malware Config

Signatures

Files

cc845e247c96624edc0e6929c383f5b194c48935d802913a042626bdfc919d03
.dll windows x86

33b3c01cae40a53287a1d912cea843e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
DisableThreadLibraryCalls
GetSystemTime
DeleteFileA
CloseHandle
GlobalFree
GetComputerNameA
ReadFile
GlobalAlloc
GetFileSize
CreateFileA
Sleep
lstrcpyA
lstrcmpA
GetSystemDirectoryA
lstrcmpiA
WaitForSingleObject
OpenMutexA
LCMapStringA
SetEndOfFile
SetFilePointer
RtlUnwind
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
lstrcatA
CopyFileA
lstrlenA
CreateMutexA
GetLastError
ReleaseMutex
CreateThread
SetStdHandle
HeapReAlloc
VirtualAlloc
HeapAlloc
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LCMapStringW
WriteFile
VirtualFree
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
HeapFree
InitializeCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate

user32

GetWindowTextA
DispatchMessageA
GetMessageA
wsprintfA
SetWindowsHookExA
IsCharAlphaNumericA
CallNextHookEx
CharUpperA
GetKeyNameTextA
GetForegroundWindow

advapi32

RegQueryValueExA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyA

wsock32

send
WSACleanup
closesocket
recv
connect
gethostbyname
htons
socket
WSAStartup

wininet

InternetGetConnectedState

Exports

Exports

??4CKsl2@@QAEAAV0@ABV0@@Z

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33b3c01cae40a53287a1d912cea843e6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wsock32

wininet

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 8KB

.shared Size: 4KB - Virtual size: 328B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 8KB

.shared
Size: 4KB - Virtual size: 328B

.reloc
Size: 4KB - Virtual size: 1KB