bca2c49edbae9b3abb7a0980a4e8186c701ea037e955f03a2e8303371123bf1f

General

Target

bca2c49edbae9b3abb7a0980a4e8186c701ea037e955f03a2e8303371123bf1f
Size

11KB
MD5

11959f98e39d253931b4e0bf44e85936
SHA1

8c5e02b1b979c90bdf80d3e4c6d600b1e4880cda
SHA256

bca2c49edbae9b3abb7a0980a4e8186c701ea037e955f03a2e8303371123bf1f
SHA512

1e681df90628ca20dde332ab320b2d2883a2fe6ec04c0957e5a6ad6e1a90e1a835a37d15a0d9eeb861144d4d1b7aee43f65c9da92b21894a3c9904b094e0fe7a
SSDEEP

192:NNF8yR+PbIvzRZPDf+OIZlNnmH2Mw5iNbgxNs4eC:d8q+PQzRZPDf+Oc1O9NbgxNaC

Score

N/A

Malware Config

Signatures

Files

bca2c49edbae9b3abb7a0980a4e8186c701ea037e955f03a2e8303371123bf1f
.dll windows x86

8210e54a1b0d1ba6e385f426af3ac98b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
CreateThread
ExitProcess
ExitThread
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GlobalAlloc
LoadLibraryA
MoveFileExA
RemoveDirectoryA
Sleep
VirtualProtect
lstrcatA
lstrcmpA
lstrlenW
RtlZeroMemory
GlobalFree

ntdll

RtlAdjustPrivilege

shell32

SHGetFolderPathA
ShellExecuteA

wininet

HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetReadFile
HttpOpenRequestA

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA

user32

ExitWindowsEx
ShowWindow
SetWindowTextW
SetWindowLongA
SendMessageA
GetCursorPos
GetAsyncKeyState
CallWindowProcA
CreateDialogParamA
CreateDialogParamW
FindWindowW

wintrust

WinVerifyTrust

Exports

Exports

AddProcessExclusion
GetChangeRect
GetChangedWindowList
IsTitleBarButtonPressed
RemoveProcessExclusion
SetButtonXOffset
SetSingleWindow
ShowTitleBarButton
StartHooks
StopHooks

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8210e54a1b0d1ba6e385f426af3ac98b

Headers

File Characteristics

Imports

kernel32

ntdll

shell32

wininet

advapi32

user32

wintrust

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 692B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 692B