b835e0ac22d35e189aa113ea7ae6da9b7526dcff4d1cbde1701a5be2a6396c47

Sharing

Copy URL Twitter E-mail

General

Target

b835e0ac22d35e189aa113ea7ae6da9b7526dcff4d1cbde1701a5be2a6396c47
Size

126KB
MD5

62ab8d721740552c4c668ba7361324b0
SHA1

0db87ab046a9cb92f5555d791d62c4caacddd0ba
SHA256

b835e0ac22d35e189aa113ea7ae6da9b7526dcff4d1cbde1701a5be2a6396c47
SHA512

a0e7ea6dfb354de688a9d84c8da3868b58958f5a38350c6f16116b7993da452bfd5b6a11850e5db20f0d3b3eb2f9d82f59aa8e4097d7082ddd8925fe6c953277
SSDEEP

3072:70AZ1ObiDZTR73ssdyptTBfTy4fpfm4QResW:7V1AiDZTRVStTB7LpOp

Score

N/A

Malware Config

Signatures

Files

b835e0ac22d35e189aa113ea7ae6da9b7526dcff4d1cbde1701a5be2a6396c47
.dll windows x86

eba26d659a9e11c8181622a50f4f431d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wvsprintfA
MessageBoxW
wsprintfW
GetCursorInfo
ReleaseDC
GetDesktopWindow
GetDC
SetRect
GetUserObjectInformationA
CloseDesktop
ShowWindow
BringWindowToTop
UpdateWindow
EnumWindows
GetWindowThreadProcessId
GetCursorPos
GetKeyState
GetAsyncKeyState
GetForegroundWindow
GetWindowTextA
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
mouse_event
WindowFromPoint
SetCapture
MapVirtualKeyA
keybd_event
OpenDesktopA
PostMessageA
SetCursorPos
GetSystemMetrics
SendMessageA
SystemParametersInfoA
BlockInput
DestroyCursor
LoadCursorA
ExitWindowsEx
GetThreadDesktop
OpenInputDesktop
SetThreadDesktop
MessageBoxA
wsprintfA
PostThreadMessageA
CharUpperA
GetMessageA

gdi32

CreateDIBSection
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetDIBits
CreateCompatibleBitmap
DeleteObject

advapi32

RegCreateKeyExW
RegQueryValueExW
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegSetValueExA
QueryServiceConfigA
EnumServicesStatusA
DeleteService
ControlService
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ChangeServiceConfigA
OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA
ImpersonateSelf
OpenThreadToken
AdjustTokenPrivileges
RegSetValueExW

shell32

ShellExecuteA
SHEmptyRecycleBinA
SHFileOperationA

ole32

CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CreateStreamOnHGlobal

ws2_32

send
WSAStartup
inet_addr
gethostbyname
inet_ntoa
htons
socket
connect
setsockopt
closesocket
recv

shlwapi

StrRChrA
SHDeleteKeyA
StrCmpNIA
StrToIntA

psapi

GetModuleFileNameExA

winmm

waveInAddBuffer
timeGetTime
waveInUnprepareHeader
waveInStop
waveInClose
waveInOpen
waveInPrepareHeader
waveInStart

wininet

HttpQueryInfoA
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

wtsapi32

WTSSendMessageA

kernel32

GetCurrentProcessId
lstrcmpiA
FindFirstFileA
FindNextFileA
GetLastError
FindClose
Process32Next
GetLogicalDriveStringsA
LocalAlloc
GetDriveTypeA
MoveFileA
CreateDirectoryA
Process32First
CreateToolhelp32Snapshot
TerminateProcess
DuplicateHandle
SetStdHandle
CreatePipe
GetStdHandle
CreateProcessA
GlobalFree
GetFileAttributesExA
RaiseException
DebugBreak
GetProfileIntW
InitializeCriticalSection
DeleteCriticalSection
OutputDebugStringW
WideCharToMultiByte
lstrlenW
CreateFileW
SetConsoleTitleW
AllocConsole
lstrcmpiW
lstrcpyW
GetModuleFileNameW
FatalAppExitW
MultiByteToWideChar
lstrcatW
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
WaitForMultipleObjects
OpenProcess
lstrcmpA
OpenMutexA
FreeLibrary
GetDiskFreeSpaceExA
CreateThread
lstrcatA
GetLocalTime
InterlockedExchange
CreateMutexA
CreateFileA
GetFileSizeEx
SetFilePointerEx
ReadFile
GetCurrentProcess
GetPriorityClass
GetThreadPriority
SetPriorityClass
GetSystemDirectoryA
GetFileSize
SetFilePointer
WriteFile
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
VirtualAlloc
VirtualFree
SetThreadPriority
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersion
GetVersionExA
GetSystemInfo
GlobalMemoryStatusEx
GetComputerNameA
GetVolumeInformationA
GetACP
GetOEMCP
GetCurrentThread
lstrcpyA
WTSGetActiveConsoleSessionId
GetTempPathA
GetCurrentThreadId
GetTickCount
CreateEventA
CloseHandle
ResetEvent
OutputDebugStringA
WaitForSingleObject
Sleep
SetEvent
DeleteFileA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
lstrlenA
ReleaseMutex

oleaut32

VariantClear

msvcrt

??2@YAPAXI@Z
__CxxFrameHandler
_beginthread
strrchr
sprintf
_beginthreadex
_ftol
free
wcscmp
malloc
atoi
exit
_chkesp
memcmp
memcpy
memset
wcsrchr
_vsnwprintf
vswprintf
swprintf
_initterm
_adjust_fdiv
??3@YAXPAX@Z

Exports

Exports

ForShare82

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eba26d659a9e11c8181622a50f4f431d

Headers

File Characteristics

Imports

user32

gdi32

advapi32

shell32

ole32

ws2_32

shlwapi

psapi

winmm

wininet

wtsapi32

kernel32

oleaut32

msvcrt

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 71KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 27KB - Virtual size: 31KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 71KB - Virtual size: 71KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 27KB - Virtual size: 31KB

.reloc
Size: 6KB - Virtual size: 5KB