de092e54e5b27b3a9a09086b89eb1d74a9df3f9ced2d503422791a94b166d394

Sharing

Copy URL Twitter E-mail

General

Target

de092e54e5b27b3a9a09086b89eb1d74a9df3f9ced2d503422791a94b166d394
Size

19KB
MD5

8190378d642b767abfdd6994548b6482
SHA1

e74c8903412e12ea248af0c378ec779bcee47de5
SHA256

de092e54e5b27b3a9a09086b89eb1d74a9df3f9ced2d503422791a94b166d394
SHA512

7af2ea9d14ee0e6b5d0ddda1f34d2334997cbe6c1b088b2bfd1bd77078e226a8d7a820eda0e02047dc712abdc10a1b8f6bfc6f9c744aeb8731ba066ad4d37a61
SSDEEP

384:KeetC2MSXyhZJ61kebV1fRQ4G83rJ3kW:KeT2Mhhe/ZM4jJ3

Score

N/A

Malware Config

Signatures

Files

de092e54e5b27b3a9a09086b89eb1d74a9df3f9ced2d503422791a94b166d394
.dll windows x86

8d8479e04d4d73f8644546948103f121

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetWindowsDirectoryA
VirtualProtect
VirtualQuery
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
OpenProcess
Thread32Next
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
CreateThread
ExitThread
LoadLibraryA
OutputDebugStringA
Sleep

user32

CallNextHookEx
SetWindowsHookExA
TranslateMessage
DispatchMessageA
GetMessageA
MessageBoxA

ws2_32

WSAStartup
htons
inet_addr
gethostbyname
connect
send
closesocket
socket
WSACleanup

wininet

HttpSendRequestW
InternetCloseHandle
InternetOpenA
InternetGetConnectedState
HttpSendRequestA

msvcrt

sprintf
_except_handler3
_local_unwind2

psapi

GetMappedFileNameA

winmm

timeGetTime

Exports

Exports

FURONGJIEJIE

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MaShared
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d8479e04d4d73f8644546948103f121

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

wininet

msvcrt

psapi

winmm

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 13KB

Shared Size: 512B - Virtual size: 64B

MaShared Size: 512B - Virtual size: 64B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 13KB

Shared
Size: 512B - Virtual size: 64B

MaShared
Size: 512B - Virtual size: 64B

.reloc
Size: 3KB - Virtual size: 2KB