d76442bb94dc764a533771a455f0cff27c6c69e124f689866ece92d16bb9f21d

Sharing

Copy URL Twitter E-mail

General

Target

d76442bb94dc764a533771a455f0cff27c6c69e124f689866ece92d16bb9f21d
Size

72KB
MD5

fc28aeafc24cdc7a492c2a7f65ecb1fa
SHA1

1139c29f48dc6e668180c10f54cc1d0344286a77
SHA256

d76442bb94dc764a533771a455f0cff27c6c69e124f689866ece92d16bb9f21d
SHA512

e2eb958e15459ee9eda98086354e885fd20d0542a31d4b8927d74b59ee81aeb43a90f9b95b3e02f70ce5349b45c4dfc88325e64f0f3b40ef673d87e416e60a5d
SSDEEP

1536:DTsnhXMA+81Ob2CL3Od7ozbGtY55bIJDoQt:3G/+b3ljxIJDoQ

Score

N/A

Malware Config

Signatures

Files

d76442bb94dc764a533771a455f0cff27c6c69e124f689866ece92d16bb9f21d
.dll windows x86

13c2d2a6410d8bb0f61d92ea65475802

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getpeername
getservbyport
ntohs
gethostbyaddr
htons
getservbyname
htonl
inet_ntoa
gethostbyname
inet_addr
WSAGetLastError

shlwapi

SHGetValueA
StrCmpNIA
SHQueryInfoKeyA
PathCombineA
StrStrA
StrStrIA
PathFindFileNameA

kernel32

LCMapStringA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetSystemInfo
VirtualProtect
InitializeCriticalSection
IsBadCodePtr
IsBadReadPtr
GetOEMCP
GetACP
lstrlenA
WriteProcessMemory
GetCurrentProcess
ReadProcessMemory
GetProcAddress
LoadLibraryA
GetModuleHandleA
GlobalAlloc
GlobalFree
LCMapStringW
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
lstrcpyA
lstrcmpiA
OpenMutexA
GetCurrentProcessId
GetLastError
GetFileSize
lstrcpynA
FreeLibrary
GetSystemDirectoryA
FindClose
FindNextFileA
FindFirstFileA
SetStdHandle
FlushFileBuffers
CloseHandle
GetCommandLineA
GetLocaleInfoA
RtlUnwind
RaiseException
HeapAlloc
HeapFree
GetCurrentThreadId
GetVersionExA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
HeapReAlloc
ExitProcess
TerminateProcess
HeapSize
InterlockedExchange
VirtualQuery
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetCPInfo

user32

wsprintfA
CallNextHookEx

advapi32

RegCreateKeyExA
RegCloseKey
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA

Exports

Exports

DebugProc
ImportFunction
ghHook

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13c2d2a6410d8bb0f61d92ea65475802

Headers

File Characteristics

Imports

ws2_32

shlwapi

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 58KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 58KB

.reloc
Size: 8KB - Virtual size: 5KB