ad9840e0ccaae3e9dc3f737302a9310ed8dcc6986bb24c9449d2385003bf7394

General

Target

ad9840e0ccaae3e9dc3f737302a9310ed8dcc6986bb24c9449d2385003bf7394
Size

20KB
MD5

490d47dba84c9d2ecced387fd55d54af
SHA1

a051830f6baeb233207e972fab871152478677c4
SHA256

ad9840e0ccaae3e9dc3f737302a9310ed8dcc6986bb24c9449d2385003bf7394
SHA512

b38c8623f92c2e29f038f319e703c358ba9e409e242e515ec2e3135c8ac116ce283c67ca985bd089abe17a139a00224591f0beed737fe279534d7269bb13b983
SSDEEP

192:OIhLB7qOahQJk5TsSCSRn89l6Xut14+vu2HRupG3s3USURqLDOJDKV9EEMyS35YK:lz7qOahjp646u2HRx3skSyq1V9XSJYK

Score

N/A

Malware Config

Signatures

Files

ad9840e0ccaae3e9dc3f737302a9310ed8dcc6986bb24c9449d2385003bf7394
.dll windows x86

593a36b893d2cde9206eae6a6a43ddbf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
_initterm
free
strncmp
strncpy
memcpy
strchr
atoi
fopen
fseek
fread
fclose
strrchr
_getpid
_strlwr
_stricmp
malloc
wcscmp
strstr
__CxxFrameHandler
abs
sprintf
strlen
_beginthreadex
??2@YAPAXI@Z
memset
strcat
??3@YAXPAX@Z
strcpy
strcmp

kernel32

WaitForSingleObject
GetFileSize
GetModuleHandleA
VirtualProtect
OpenProcess
TerminateProcess
ExitProcess
GetModuleFileNameA
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
LoadLibraryA
GetPrivateProfileStringA
GetCurrentDirectoryA
CreateThread
CloseHandle
OutputDebugStringA
DeleteFileA
MultiByteToWideChar
GetSystemDirectoryA
Sleep
GetProcAddress

user32

RegisterWindowMessageA
DeregisterShellHookWindow
GetClientRect
GetDC
RegisterShellHookWindow
GetClassNameA
GetWindowTextA
SetWindowLongA
GetWindowRect
CallWindowProcA
ReleaseDC
GetDesktopWindow
EnumWindows
GetWindowThreadProcessId
GetParent

ws2_32

WSACleanup
send
recv
socket
inet_addr
htons
connect
gethostbyname
closesocket
inet_ntoa
WSAStartup

shell32

ShellExecuteA

gdi32

SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
BitBlt
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectA
DeleteDC
GetDeviceCaps
CreateDCA

gdiplus

GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipFree
GdipAlloc
GdipCloneImage
GdipSaveImageToFile
GdipDisposeImage
GdipLoadImageFromFile

Exports

Exports

KsCreateAllocator
KsCreateClock
KsCreatePin
KsCreateTopologyNode

Sections

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

593a36b893d2cde9206eae6a6a43ddbf

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

ws2_32

shell32

gdi32

gdiplus

Exports

Exports

Sections

.data Size: 18KB - Virtual size: 17KB

.reloc Size: 1KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 17KB

.reloc
Size: 1KB - Virtual size: 1KB