8f69ee13f8a6a13e91c6f0d2d4b3adca5fd8a943f11547b2db4707603ef6c902

General

Target

8f69ee13f8a6a13e91c6f0d2d4b3adca5fd8a943f11547b2db4707603ef6c902
Size

32KB
MD5

e5d61b2b0a148423a04c11f7ca4d747b
SHA1

cfacecc9e4712eff7d71f7265075a2dc65daef83
SHA256

8f69ee13f8a6a13e91c6f0d2d4b3adca5fd8a943f11547b2db4707603ef6c902
SHA512

db685883f43942b4911675a9818212cc27c848a31c11992a09e6594f772ba0710a7b8260de5a1b25e2d7d7c561652745d6916b30cb9ffc2a47c10ade66cbd9c6
SSDEEP

192:j7Ccd4+dhqHwUcG473PKU6Rohamle9yMbQwBE+J40ca8v9+v1T7QLyj:j7Ccdprq+5P8KhaXnQwB0V9+93QLw

Score

N/A

Malware Config

Signatures

Files

8f69ee13f8a6a13e91c6f0d2d4b3adca5fd8a943f11547b2db4707603ef6c902
.dll windows x86

3699326666120ca7fc9212a6d5c84ec1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetCurrentProcessId
GetModuleFileNameA
GetTempPathA
GetCurrentProcess
Sleep
LoadLibraryA
GetTickCount
GetModuleHandleA
GetProcAddress
lstrcmpiA
GetSystemInfo
GetVersionExA
CloseHandle

user32

GetWindowThreadProcessId
EnumWindows
DispatchMessageA
GetClassNameA
GetWindowTextA
GetWindowTextLengthA
wsprintfA
CharLowerA
CallNextHookEx
SetWindowsHookExA
GetMessageA
TranslateMessage
GetSystemMetrics

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA

msvcrt

_stricmp
fclose
strstr
malloc
free
??2@YAPAXI@Z
??3@YAXPAX@Z
_except_handler3
sprintf
fopen
_splitpath
_initterm
_adjust_fdiv
fgets

Exports

Exports

AR
GetVer
w

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3699326666120ca7fc9212a6d5c84ec1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 864B

.reloc Size: 4KB - Virtual size: 540B

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 864B

.reloc
Size: 4KB - Virtual size: 540B