aae2e652857a557f4047ea425839e97bdc417c82e429c4bec4701fa54b7a0906

Sharing

Copy URL Twitter E-mail

General

Target

aae2e652857a557f4047ea425839e97bdc417c82e429c4bec4701fa54b7a0906
Size

56KB
MD5

c64afde7fab64b32e04b13ba6a781285
SHA1

6882657523f70bf8b113ed1b989e143277546725
SHA256

aae2e652857a557f4047ea425839e97bdc417c82e429c4bec4701fa54b7a0906
SHA512

e2c590a618218faefcb5eb5a5a01f1a89aa13a6f20f7e7dbc12581411619fd78c51cb0d9d6b0dc9bb3f471b57afd2256b775a188423cab3da0abcd28cfe7536c
SSDEEP

768:1uNUAtiuHWqkNoTcJw4BfPZG8N5hfX9n7UD2MhCOXQoP3:1YtsqpTcm8ZftnQ7+oP3

Score

N/A

Malware Config

Signatures

Files

aae2e652857a557f4047ea425839e97bdc417c82e429c4bec4701fa54b7a0906
.dll windows x86

cfdb12bc5b38387755f8d6332faac75c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
Module32Next
Module32First
CreateToolhelp32Snapshot
GetCurrentProcessId
VirtualQuery
WriteProcessMemory
VirtualProtectEx
OpenProcess
lstrcmpiA
LoadLibraryA
GetSystemInfo
SetLastError
GetCurrentDirectoryA
WideCharToMultiByte
GetModuleHandleA
RtlUnwind
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetLastError
HeapFree
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
FindWindowA
SendMessageA
GetDesktopWindow
MessageBoxA

imagehlp

ImageDirectoryEntryToData

Exports

Exports

_LastMsgBoxInfo_HookAllApps@8

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfdb12bc5b38387755f8d6332faac75c

Headers

File Characteristics

Imports

kernel32

user32

imagehlp

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

Shared Size: 4KB - Virtual size: 4B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

Shared
Size: 4KB - Virtual size: 4B

.reloc
Size: 4KB - Virtual size: 3KB