c2a1c5aaccf1638bb6d3d2e4abee0d47a9b69cef662f6155331d3effd81dbb7c

General

Target

c2a1c5aaccf1638bb6d3d2e4abee0d47a9b69cef662f6155331d3effd81dbb7c
Size

36KB
MD5

73c13532c47f77adc61fbe921aec445f
SHA1

daa32b613636ab2d0d69b2e0f047911ad590ae94
SHA256

c2a1c5aaccf1638bb6d3d2e4abee0d47a9b69cef662f6155331d3effd81dbb7c
SHA512

18dd3bc0af51520fb08eecd7ba2ad8afa28001b506505a03feb34b89cfff6e9d32c81d068ca0e5c42c897c02d64238148c7cb34d5b5da8bb337efcb79e658907
SSDEEP

768:v6Dvo7/WtHVSriNbO9tv4FGwwkJZDFuaDBBQARQkSmKMenYXa:Ggz0NbiUBBQARVKMen

Score

N/A

Malware Config

Signatures

Files

c2a1c5aaccf1638bb6d3d2e4abee0d47a9b69cef662f6155331d3effd81dbb7c
.dll windows x86

094e15b7624ce74d1cfa4373f25ff814

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy
memcmp
strstr
_snprintf
RtlZeroMemory
RtlUnwind
strlen

ws2_32

gethostname

kernel32

CreateFileA
IsBadReadPtr
WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualProtectEx
UnmapViewOfFile
ReadFile
MoveFileExA
MapViewOfFile
GetTempPathA
GetTempFileNameA
CloseHandle
CreateThread
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
GlobalAlloc
GlobalFree
InitializeCriticalSection
LeaveCriticalSection
ReadProcessMemory
Sleep
VirtualAlloc
VirtualFree
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CreateFileMappingA
CreateProcessA
DeleteFileA
GetExitCodeThread
GetFileSize
GetLastError
GetStartupInfoA

user32

EnumWindows
GetWindowLongA
GetWindowTextA
GetWindowThreadProcessId
KillTimer
SetTimer
SetWindowLongA
CallNextHookEx
RegisterWindowMessageA
SendMessageA
UnhookWindowsHookEx
wsprintfA
CallWindowProcA

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

094e15b7624ce74d1cfa4373f25ff814

Headers

File Characteristics

Imports

ntdll

ws2_32

kernel32

user32

Sections

.text Size: 25KB - Virtual size: 24KB

.bss Size: - Virtual size: 12B

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 828B

.text
Size: 25KB - Virtual size: 24KB

.bss
Size: - Virtual size: 12B

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 828B