d9c422ca08091cc475eeb565a7f04df168db8e5745f0201a4fb1209f50b41fb4

General

Target

d9c422ca08091cc475eeb565a7f04df168db8e5745f0201a4fb1209f50b41fb4
Size

20KB
MD5

3658c429e499bc8a801bde50155e6241
SHA1

d222006faedd31a958130e5b618edd64739ade8a
SHA256

d9c422ca08091cc475eeb565a7f04df168db8e5745f0201a4fb1209f50b41fb4
SHA512

46ed2bec12af6046b4cdbed008897a14d275c6e3fa9c9ca2993d55652532974fab9b128b93c49b14694012ab068858a19bdd89ac939d51f372a4a0a70805a813
SSDEEP

384:9EWER9OSwkFP4jhVQQ1B36FZ1Rs73LpY1u9JpJgLa0Mp9:uWEvrwkFP411B8Z1Rs731JvgLa13

Score

N/A

Malware Config

Signatures

Files

d9c422ca08091cc475eeb565a7f04df168db8e5745f0201a4fb1209f50b41fb4
.dll windows x86

350f57bdfd64227d8964436202c56b14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

shell32

ord680
SHGetSpecialFolderPathA

advapi32

RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegNotifyChangeKeyValue

user32

UnhookWindowsHookEx
SetWindowsHookExA
SetWindowTextA
MessageBoxA
GetWindowTextA
GetParent
GetFocus
GetClassNameA
FindWindowA
EnumChildWindows
CharLowerBuffA
CallWindowProcA
CallNextHookEx
wsprintfA

kernel32

GetTempPathA
GlobalFindAtomA
GlobalGetAtomNameA
CreateFileA
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteFile
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
Sleep
SetFilePointer
SetFileAttributesA
RtlFillMemory
CloseHandle
GetProcAddress
CreateThread
DeleteFileA
ExitThread
FreeLibrary
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
LoadLibraryA

shlwapi

StrToIntA
StrTrimA
StrStrA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

350f57bdfd64227d8964436202c56b14

Headers

File Characteristics

Imports

wininet

shell32

advapi32

user32

kernel32

shlwapi

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 11KB

.reloc Size: 1024B - Virtual size: 876B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 11KB

.reloc
Size: 1024B - Virtual size: 876B