ea04b9f068fd34bee095339aedef670d7f6a6887e6126942c6a516be5b0227d5

General

Target

ea04b9f068fd34bee095339aedef670d7f6a6887e6126942c6a516be5b0227d5
Size

163KB
MD5

62d7c35d1cfab913c7b7507e5158e4e6
SHA1

ff2bc768c92e12999af7adcefbb23fff9bb39121
SHA256

ea04b9f068fd34bee095339aedef670d7f6a6887e6126942c6a516be5b0227d5
SHA512

8be7e50f070548f88b4e414d2330dab165d7c7fd80d4ab355ec332aca4aebfdd95c0e17edd9f3afe26f6a25d89335b178c0ca435d66304dab330fa29d5e1c28d
SSDEEP

192:46nfuP420MpRCS/5YQ2SabU8OcYvEbsh5t8V6l:46neV6U8OcYvEboz8u

Score

N/A

Malware Config

Signatures

Files

ea04b9f068fd34bee095339aedef670d7f6a6887e6126942c6a516be5b0227d5
.dll windows x86

ad45ea4df424e96735e55e6ddf90a441

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
WriteProcessMemory
WideCharToMultiByte
lstrlenA
RtlZeroMemory
lstrlenW
Module32Next
Module32First
GetWindowsDirectoryA
Process32First
lstrcatA
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
VirtualAllocEx
FindClose
FindNextFileA
FindFirstFileA
lstrcmpiA
GetCurrentThreadId
Process32Next
FreeLibrary
DeleteFileA
OpenEventA
SetEvent
LoadLibraryA
CreateMutexA
ReleaseMutex
OpenProcess
GetLastError
RtlFillMemory
lstrcpyA
GetCurrentProcessId
Sleep
GetModuleFileNameA
CreateThread
CloseHandle

user32

GetMessageA
PostThreadMessageA
GetWindowThreadProcessId
UnhookWindowsHookEx
EnumWindows
SetWindowsHookExA
wsprintfA
CallNextHookEx

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken

shlwapi

PathFileExistsA
StrStrIA

msvcrt

strrchr
strcat
strcpy
strlen

Exports

Exports

2r3r2ewq3
68ui79o0
COMResModuleInstance
adn
asWarEsR
dna
dns
gtrhuk78io
ini
rhth455
sWarEsR
tni

Sections

.bss
Size: - Virtual size: 67KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shard
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad45ea4df424e96735e55e6ddf90a441

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

Exports

Exports

Sections

.bss Size: - Virtual size: 67KB

.data Size: 9KB - Virtual size: 9KB

shard Size: 512B - Virtual size: 268B

.reloc Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 67KB

.data
Size: 9KB - Virtual size: 9KB

shard
Size: 512B - Virtual size: 268B

.reloc
Size: 2KB - Virtual size: 1KB