d6519da8500d9587dd53d38e9bad81aebcc7ca2633e03bb40c29976122ab37ee

General

Target

d6519da8500d9587dd53d38e9bad81aebcc7ca2633e03bb40c29976122ab37ee
Size

44KB
MD5

ecd4fa06a9723b834e6a2bb40187cff6
SHA1

bfdc1a19de810f7222cd6fee8ad0671199037987
SHA256

d6519da8500d9587dd53d38e9bad81aebcc7ca2633e03bb40c29976122ab37ee
SHA512

1101b7f44f85bc24b8352fbbcd61e29e1551817ff187e9cde8b128de7d1c8d0ac91616ca4d65b8fc725c23b5afb5e607f4563986458eba3d19836e32a7178569
SSDEEP

384:obfgYeRd4ki3a8pKc2Ta2oZeQVz78t0XLSUn0L8kXx4sJB8P1f/JhtQ1v1Dl/tcV:VRd4kica2fWguSUnSV38P9/JwXDI7

Score

N/A

Malware Config

Signatures

Files

d6519da8500d9587dd53d38e9bad81aebcc7ca2633e03bb40c29976122ab37ee
.dll windows x86

310bf5917514ad8c9a75c3734c3c8a6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
GetLastError
CreateMutexA
SetLastError
CloseHandle
WaitForSingleObject
ReleaseMutex
SetEvent
GetVolumeInformationA

user32

GetWindowLongA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA

msvcrt

memmove
strncpy
??2@YAPAXI@Z
__CxxFrameHandler
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
_CxxThrowException
??1exception@@UAE@XZ
free
strlen
memcpy
memset
sprintf
strchr
_onexit
malloc
??1type_info@@UAE@XZ
__dllonexit
_initterm
_adjust_fdiv

Exports

Exports

set_create_window_hook
unset_create_window_hook

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

310bf5917514ad8c9a75c3734c3c8a6c

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 4KB

Shared Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.pdata Size: - Virtual size: 52KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 4KB

Shared
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB

.pdata
Size: - Virtual size: 52KB