b003fc6f32ccbb4f8f09d0e6555d8d6a4ed0af8ad550c7f6e88805dac3b82a13

General

Target

b003fc6f32ccbb4f8f09d0e6555d8d6a4ed0af8ad550c7f6e88805dac3b82a13
Size

27KB
MD5

78e786a856783a75a3ac2f0ae5d0a952
SHA1

172b01df743a3444f159535a6f63cda1f239633c
SHA256

b003fc6f32ccbb4f8f09d0e6555d8d6a4ed0af8ad550c7f6e88805dac3b82a13
SHA512

700000db5ff327d3d73ca144a5112c9c68aa6db6d6e8163357d78ebe0ed88e64b747093ffb1f99351fb834008b9c45e5a702f57dab1f675e3e636cda20eeca74
SSDEEP

768:UbKM9nYYyWYRTt/8a3+FkWGbVBkxkBBQARQkrp9IEr:CKM9nWYkHkWBBQAR7x

Score

N/A

Malware Config

Signatures

Files

b003fc6f32ccbb4f8f09d0e6555d8d6a4ed0af8ad550c7f6e88805dac3b82a13
.dll windows x86

f7213d40ea65cbbf11e766d3060034f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

strstr
RtlUnwind
atoi
memcmp
memcpy
_snprintf
RtlZeroMemory

ws2_32

gethostbyname
connect
gethostname
send
closesocket
htons
inet_addr
recv
socket

shlwapi

PathFileExistsA

kernel32

UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpynA
WriteFile
VirtualProtectEx
VirtualFree
CloseHandle
CreateThread
DeleteCriticalSection
EnterCriticalSection
GetCurrentDirectoryA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
Sleep
TerminateThread
WaitForSingleObject
WideCharToMultiByte
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
IsBadReadPtr
CreateFileA
CreateProcessA
DeleteFileA
GetExitCodeThread
VirtualAlloc
GetStartupInfoA
GetTempFileNameA
GetTempPathA
ReadFile
GetFileSize

user32

UnhookWindowsHookEx
SetWindowsHookExA
SetTimer
SendMessageA
RegisterWindowMessageA
wsprintfA
CallNextHookEx
GetWindowThreadProcessId
KillTimer

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

ole32

StringFromGUID2

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7213d40ea65cbbf11e766d3060034f0

Headers

File Characteristics

Imports

ntdll

ws2_32

shlwapi

kernel32

user32

advapi32

ole32

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 704B

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 704B