d3aa3ba6c30957aa7987ecd94f4b101f2339734403714750f924bb638f1b0554

General

Target

d3aa3ba6c30957aa7987ecd94f4b101f2339734403714750f924bb638f1b0554
Size

23KB
MD5

ae93e74ddbc07ceb7158c50a182a4415
SHA1

def6b8a76ef68dba0d5e5038bc6effba9c5f3e5b
SHA256

d3aa3ba6c30957aa7987ecd94f4b101f2339734403714750f924bb638f1b0554
SHA512

aa77ed4d734ad0db6dcd0181fe9d8be321b63394738830ed58f3aabc5237b8a6e39c8492193da9815f7f8ebdd1e35fa6de1e1576b1ff00cf8c1d93a6299cb625
SSDEEP

384:QAD7ki25Qt3Dy2jqkXHNUGBSf4K7slszIY1+0qgJpJgLa0MppH82Y9gO:QC7kR5+tfMhsls8X0qggLa1o2Y9g

Score

N/A

Malware Config

Signatures

Files

d3aa3ba6c30957aa7987ecd94f4b101f2339734403714750f924bb638f1b0554
.dll windows x86

e00855bdd9535ef55241c1c5ebdaed9d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ord680

advapi32

RegCloseKey
RegCreateKeyExA
RegNotifyChangeKeyValue
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA

user32

GetWindowTextA
GetParent
GetFocus
GetClassNameA
IsWindowVisible
EnumChildWindows
CharLowerBuffA
CallWindowProcA
CallNextHookEx
wsprintfA
SendMessageA
SetWindowTextA
SetWindowsHookExA
FindWindowA

kernel32

lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteProcessMemory
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
Sleep
SetFilePointer
SetFileAttributesA
CloseHandle
CreateFileA
DeleteFileA
ExitThread
GetCurrentProcess
GetFileAttributesA
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetTempPathA
GlobalFindAtomA
ReadFile
RtlMoveMemory
RtlZeroMemory

shlwapi

StrToIntA
StrStrIA
StrStrA
StrTrimA

Exports

Exports

CopyCurrentString
GetCurProcessName
StrBitRep
StrFindByte
StrGetIn
StrReplace
StrXor

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e00855bdd9535ef55241c1c5ebdaed9d

Headers

File Characteristics

Imports

shell32

advapi32

user32

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 11KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 984B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 11KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 984B