ecf92a2ceddae6ea19390681c5c6fffe984d331865b8183342e73e0100c18a6d

Sharing

Copy URL

Twitter E-mail

General

Target

ecf92a2ceddae6ea19390681c5c6fffe984d331865b8183342e73e0100c18a6d
Size

23KB
MD5

19fd011528b6c63fc5fb648b0199b843
SHA1

78d756839741b3f5c0adb909f436e89ef6bea520
SHA256

ecf92a2ceddae6ea19390681c5c6fffe984d331865b8183342e73e0100c18a6d
SHA512

26624343bfbb04e671a39260ad5de97ad6760f2234ea4cc7eec513d98c1b4ee8d2669ed235c7798e26e0f7d819ad69a4079b22517194725c81361e0504e4e9a4
SSDEEP

384:IaMaFUX6vIAhv/P18JfTuDGvq8JU3uohFhOYzaHCA4yfLPf9K+fUt:GgSkjCJfpyj+EzBzbA4sfU

Score

N/A

Malware Config

Signatures

Files

ecf92a2ceddae6ea19390681c5c6fffe984d331865b8183342e73e0100c18a6d
.dll windows x86

271512a278beb7e8b3685dbbcd9504cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetFileSize
ReadFile
CreateFileA
DeleteFileA
MultiByteToWideChar
GlobalFree
GlobalUnlock
WriteFile
GlobalLock
GlobalAlloc
GetTempPathA
GetTickCount
IsBadReadPtr
GetPrivateProfileStringA
GetModuleFileNameA
GetModuleHandleA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
lstrcmpiA
lstrcpynA
lstrlenA
lstrcmpA
lstrcpyA
Sleep
ExitProcess
GetSystemDirectoryA
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateThread
OutputDebugStringA

user32

GetSystemMetrics
PostThreadMessageA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
EnumWindows
GetWindowTextA
GetWindowInfo
PrintWindow
IsRectEmpty
ReleaseDC
GetDC

gdi32

GetDIBits
SelectPalette
GetStockObject
GetObjectA
DeleteDC
GetDeviceCaps
CreateDCA
DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
RealizePalette

wininet

InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetQueryDataAvailable
InternetConnectA
InternetOpenA
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA
HttpAddRequestHeadersA
InternetCloseHandle

msvcrt

free
strstr
malloc
atoi
memmove
??2@YAPAXI@Z
wcscmp
??3@YAXPAX@Z

gdiplus

GdiplusStartup
GdipFree
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromFile
GdipSaveImageToFile
GdiplusShutdown
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipAlloc

netapi32

Netbios

Exports

Exports

InstallService
wdof
wdon

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

271512a278beb7e8b3685dbbcd9504cc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

wininet

msvcrt

gdiplus

netapi32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 20KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 20KB

.reloc
Size: 2KB - Virtual size: 2KB