b8521797a30c95268f6f8acc6756f7622ec55bb5285ad2797a2c95245b5e2598

Sharing

Copy URL Twitter E-mail

General

Target

b8521797a30c95268f6f8acc6756f7622ec55bb5285ad2797a2c95245b5e2598
Size

63KB
MD5

b6368c8fea037c04bf2b9eb613ac1c38
SHA1

6b4f7f81b09a1df5275f7ec4640507d4f5facfcc
SHA256

b8521797a30c95268f6f8acc6756f7622ec55bb5285ad2797a2c95245b5e2598
SHA512

27ec4136db8de65bd223cc24750c7db1dc614fe0f3e66db3fbea2278a38bbcfddfd7af512c85fb9dcff9d858def17fa5312f581fe15074060a996d56fe98953f
SSDEEP

768:ybYf4tENuelQPn41G+yPHESQMOJidx8ahkTGiknuR6ibl8:Kw4tENu+A4zyPkqOJiv8eikukih8

Score

N/A

Malware Config

Signatures

Files

b8521797a30c95268f6f8acc6756f7622ec55bb5285ad2797a2c95245b5e2598
.dll windows x86

504919294020906e587b75f8fae80444

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
GetBinaryTypeA
GetTickCount
GetTempPathA
CloseHandle
ResumeThread
SetThreadContext
GetThreadContext
SuspendThread
OpenThread
DebugActiveProcessStop
DeleteFileA
ReadProcessMemory
WaitForDebugEvent
DebugSetProcessKillOnExit
OpenProcess
DebugActiveProcess
CreateThread
GetCurrentProcessId
GetCurrentProcess
GetModuleFileNameA
Sleep
LoadLibraryA
GetLocalTime
lstrcmpiA
GetSystemInfo
GetVersionExA
GetModuleHandleA
GetProcAddress
ContinueDebugEvent

user32

DispatchMessageA
TranslateMessage
GetMessageA
SetWindowsHookExA
CallNextHookEx
wsprintfA
GetSystemMetrics
CharLowerA

advapi32

OpenProcessToken
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegCloseKey

msvcrt

_adjust_fdiv
calloc
_stricmp
_initterm
_splitpath
fopen
sprintf
atoi
??2@YAPAXI@Z
strchr
strncmp
rename
_access
strstr
wcslen
free
malloc
fclose

netapi32

Netbios

ws2_32

closesocket
recvfrom
sendto
connect
recv
send
socket
inet_addr
setsockopt
htons
gethostbyname
WSAStartup

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Exports

Exports

AR
GetVer
w

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SKYER
Size: 4KB - Virtual size: 114B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

504919294020906e587b75f8fae80444

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

netapi32

ws2_32

version

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 10KB

SKYER Size: 4KB - Virtual size: 114B

.rsrc Size: 4KB - Virtual size: 864B

.reloc Size: 4KB - Virtual size: 884B

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 10KB

SKYER
Size: 4KB - Virtual size: 114B

.rsrc
Size: 4KB - Virtual size: 864B

.reloc
Size: 4KB - Virtual size: 884B