eae226245875597609e8d925bfa7b52c9b2af0b310fe044c7ed297f8b67f0489

General

Target

eae226245875597609e8d925bfa7b52c9b2af0b310fe044c7ed297f8b67f0489
Size

19KB
MD5

6b047522d3f2ba4a3a7a0f0dd6b5d619
SHA1

a9ca7c1fc8683aa7baed4a5fa24669c46fe26ea6
SHA256

eae226245875597609e8d925bfa7b52c9b2af0b310fe044c7ed297f8b67f0489
SHA512

828f8a19162c9914ed8e146081cb12631fd370000941ac93a639acf65cb5143b8c6d5a23dcb78b925a9d3abc9f92c1a474a67641ac51b8e7b0db796e0626966d
SSDEEP

384:/JlwGBOAQ8O917xN645MyFxJqr4g4AdX0Tya9C8owo5m:/JlinxN6MMyX40O0TMJwAm

Score

N/A

Malware Config

Signatures

Files

eae226245875597609e8d925bfa7b52c9b2af0b310fe044c7ed297f8b67f0489
.dll windows x86

1d8f6d21296a183cc8873f1aad09b108

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
CreateFileA
DeleteFileA
GetTempPathA
lstrcpynA
CreateThread
IsBadReadPtr
GetModuleHandleA
GetModuleFileNameA
VirtualProtect
CopyFileA
GetPrivateProfileStringA
GetCurrentProcessId
GetSystemTime
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
GetTickCount
lstrcmpiA
lstrlenA
Sleep
lstrcmpA
lstrcpyA
ExitProcess
GetSystemDirectoryA
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
OutputDebugStringA

user32

PostThreadMessageA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
MapVirtualKeyA
GetKeyboardState
ToAscii

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA

msvcrt

atoi
memmove
??2@YAPAXI@Z
sprintf
strstr

Exports

Exports

COMResModuleInstance
DeleteSelf
KsCreateAllocator
KsCreateClock
KsCreatePin
KsCreateTopologyNode
wwhkf
wwhko

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d8f6d21296a183cc8873f1aad09b108

Headers

File Characteristics

Imports

kernel32

user32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 18KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 18KB

.reloc
Size: 2KB - Virtual size: 2KB