0b8dc467abb2007af6c8d175c6caf68b8a72da7c121f54d7807a1c1eb9479586

Sharing

Copy URL Twitter E-mail

General

Target

0b8dc467abb2007af6c8d175c6caf68b8a72da7c121f54d7807a1c1eb9479586
Size

59KB
MD5

15bfc00bc90e673785916e4d4d2c4561
SHA1

230bfbd51f3356ddf47e8ada8bb8716fdaefd258
SHA256

0b8dc467abb2007af6c8d175c6caf68b8a72da7c121f54d7807a1c1eb9479586
SHA512

f27a00015652bed597ee0861b448ea8739e87327f638cd6b69f3b694266f615f484c78cd6b6719a642c68ee52379b261980183509ed0033b06de0d2464df7912
SSDEEP

1536:cF3o2vmKGcDV0gt7PrsPqj/NxGrZvspmBHy9OM9vC1N:So0p1BQPqJ89vsoSImcN

Score

N/A

Malware Config

Signatures

Files

0b8dc467abb2007af6c8d175c6caf68b8a72da7c121f54d7807a1c1eb9479586
.zip
ʾKeyCastOW2025/KeyCastOW.exe
.exe windows x86

7e0ed4ad49cbdfd1a849a68186ec63c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdiplusStartup
GdipCreateFontFromDC
GdipDeleteStringFormat
GdipCreatePen1
GdipReleaseDC
GdipCreatePath
GdipCreateStringFormat
GdipFillPath
GdipCreateFromHDC
GdipResetClip
GdipFillRectangle
GdipGetDC
GdipDrawString
GdipDrawRectangle
GdipDeletePath
GdipAlloc
GdipCreateSolidFill
GdipClosePathFigure
GdipSetSmoothingMode
GdipGraphicsClear
GdipSetStringFormatAlign
GdipDeleteGraphics
GdipDeleteFont
GdipDrawPath
GdipSetTextRenderingHint
GdipSetClipRect
GdipMeasureString
GdipAddPathArc
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipDeletePen
GdipFree
GdipDeleteBrush
GdiplusShutdown

comctl32

InitCommonControlsEx

kernel32

GetConsoleCP
RtlUnwind
HeapReAlloc
HeapAlloc
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetConsoleMode
SetFilePointerEx
ExitProcess
SetErrorMode
GetPrivateProfileStringW
GetPrivateProfileStructW
WritePrivateProfileStructW
GetModuleFileNameW
WritePrivateProfileStringW
GetPrivateProfileIntW
CreateTimerQueueTimer
DeleteTimerQueueTimer
DeleteFileW
lstrcpyW
GetTickCount
OutputDebugStringW
GetModuleFileNameA
DeleteCriticalSection
GetFileType
GetStdHandle
GetProcessHeap
GetCurrentThreadId
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapFree
HeapSize
MultiByteToWideChar
WriteFile
GetProcAddress
GetModuleHandleExW
WideCharToMultiByte
GetLastError
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
DecodePointer
EncodePointer
LCMapStringW
SetStdHandle
WriteConsoleW
FlushFileBuffers
CreateFileW
CloseHandle

user32

GetDoubleClickTime
GetGUIThreadInfo
MapVirtualKeyExW
GetWindowThreadProcessId
ToUnicodeEx
CallNextHookEx
UpdateLayeredWindow
MapVirtualKeyW
GetWindowRect
GetMessageW
PostQuitMessage
TrackPopupMenu
GetKeyState
VkKeyScanExW
SetCapture
SetForegroundWindow
LoadCursorW
GetDC
GetCapture
TranslateMessage
RegisterClassExW
LoadIconW
GetKeyboardLayout
ReleaseDC
GetDlgItem
EndDialog
SetWindowPos
GetCursorPos
CheckDlgButton
ShowWindow
CreatePopupMenu
IsDlgButtonChecked
CreateDialogParamW
CreateWindowExW
SetMenuDefaultItem
SetWindowsHookExW
UnhookWindowsHookEx
MessageBoxW
ReleaseCapture
GetDlgItemTextW
SetDlgItemTextW
SendMessageW
UpdateWindow
UnregisterHotKey
RegisterHotKey
GetMonitorInfoW
DefWindowProcW
MonitorFromRect
MoveWindow
DispatchMessageW
AppendMenuW

gdi32

CreateFontIndirectW
SelectObject
BitBlt
CreateCompatibleDC
CreateFontW
DeleteObject
CreateCompatibleBitmap
GetObjectA
DeleteDC
GetStockObject

comdlg32

ChooseFontW
ChooseColorW

shell32

Shell_NotifyIconW
ShellExecuteW

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ʾKeyCastOW2025/KeyCastOW.ini
ʾKeyCastOW2025/ʹ˵ .txt

Sharing

General

Malware Config

Signatures

Files

7e0ed4ad49cbdfd1a849a68186ec63c8

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

comctl32

kernel32

user32

gdi32

comdlg32

shell32

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 5KB - Virtual size: 38KB

.reloc Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 512B

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 5KB - Virtual size: 38KB

.reloc
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 512B

.rsrc
Size: 9KB - Virtual size: 9KB