c2a85378b93f31c039566a6991eed51ae897ef82f8fb2b48cf7d92aa29c24cde

General

Target

c2a85378b93f31c039566a6991eed51ae897ef82f8fb2b48cf7d92aa29c24cde
Size

20KB
MD5

518b9cbbcb4f3e7fd6b062414c4c4a99
SHA1

4da6758f1805a7fb883512529018905d1cdee39b
SHA256

c2a85378b93f31c039566a6991eed51ae897ef82f8fb2b48cf7d92aa29c24cde
SHA512

c344f726938bc95de0e826d90f4bb69b53f4dea8f38973bfbd4f0c1065d152f4af803f36caf156daf5f6284e689eecee54b7f15a085d7a9e99db61ca4eaad755
SSDEEP

384:EpKqfDsJTGQsQI4tXZzJF4Yf77c9wQoFtTGy:EpKqERj5ZzJF4Yf77c9HoFQy

Score

N/A

Malware Config

Signatures

Files

c2a85378b93f31c039566a6991eed51ae897ef82f8fb2b48cf7d92aa29c24cde
.dll windows x86

0f4ae315d41aa6f6eb471d218b12556d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GlobalUnlock
WriteFile
CreateFileA
GlobalLock
GlobalAlloc
CloseHandle
Thread32Next
SuspendThread
Thread32First
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetSystemDirectoryA
ReadProcessMemory
GetModuleHandleA
CreateProcessA
Sleep
CreateThread
ExitThread
WriteProcessMemory
LoadLibraryA
GetProcAddress
OutputDebugStringA
DeleteFileA

user32

IsRectEmpty
GetDC
ReleaseDC
CallNextHookEx
GetWindowTextA
GetActiveWindow
SetWindowsHookExA
UnhookWindowsHookEx
TranslateMessage
DispatchMessageA
GetMessageA

gdi32

GetStockObject
SelectObject
CreateCompatibleBitmap
CreateDCA
CreateCompatibleDC
GetDeviceCaps
DeleteDC
GetObjectA
GetDIBits
RealizePalette
SelectPalette
BitBlt

ws2_32

WSAStartup
socket
inet_addr
gethostbyname
connect
send
closesocket
WSACleanup
htons

wininet

HttpSendRequestW

msvcrt

fclose
fread
fopen
sprintf
_except_handler3
fwrite

Exports

Exports

Hook
Stop

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f4ae315d41aa6f6eb471d218b12556d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

Shared Size: 512B - Virtual size: 320B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

Shared
Size: 512B - Virtual size: 320B

.reloc
Size: 2KB - Virtual size: 1KB