0af18cca15468c9c082df861385ea9bb0e9b668369fa471e93ac5099ef3f982f

Sharing

Copy URL Twitter E-mail

General

Target

0af18cca15468c9c082df861385ea9bb0e9b668369fa471e93ac5099ef3f982f
Size

272KB
MD5

6e285e389b664dbc809f0f67a3664ba0
SHA1

19314fb34630df0aa75a5cf415f82ec94c077cea
SHA256

0af18cca15468c9c082df861385ea9bb0e9b668369fa471e93ac5099ef3f982f
SHA512

f494acaf762a946853a5a5ae9ae22f08ebb9ac1d5296a7466c158411ed15dc1b57fa53fea87ba2d44a624ae605b36975e0c74ce18c3d769cd1c5c03887804bc8
SSDEEP

6144:B/lAK1uwQU8erbFFC9vjx+9g8wW5ivgb/Tu:nAK1JQZCRuduZjTu

Score

N/A

Malware Config

Signatures

Files

0af18cca15468c9c082df861385ea9bb0e9b668369fa471e93ac5099ef3f982f
.exe windows x86

a1a6a72877dde9aa75606e49b5c3f5b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

HWND_UserMarshal
HWND_UserSize
HWND_UserUnmarshal
HWND_UserFree

rpcrt4

NdrOleFree
CStdStubBuffer_Invoke
CStdStubBuffer_Connect
CStdStubBuffer_CountRefs
IUnknown_QueryInterface_Proxy
CStdStubBuffer_QueryInterface
NdrDllCanUnloadNow
NdrOleAllocate
NdrCStdStubBuffer_Release
NdrClientCall2
NdrStubCall2
CStdStubBuffer_Disconnect
NdrDllRegisterProxy
IUnknown_Release_Proxy
NdrDllGetClassObject
CStdStubBuffer_AddRef
IUnknown_AddRef_Proxy
CStdStubBuffer_IsIIDSupported
NdrStubForwardingFunction
CStdStubBuffer_DebugServerRelease
NdrDllUnregisterProxy
NdrCStdStubBuffer2_Release
CStdStubBuffer_DebugServerQueryInterface

kernel32

GetModuleHandleW
WriteFile
GetOEMCP
HeapFree
LeaveCriticalSection
UnhandledExceptionFilter
HeapAlloc
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
TlsFree
FreeEnvironmentStringsW
GetCommandLineA
SetUnhandledExceptionFilter
TlsGetValue
IsProcessorFeaturePresent
TlsAlloc
GetSystemTimeAsFileTime
IsValidCodePage
DeleteCriticalSection
HeapSize
TlsSetValue
SetLastError
LCMapStringW
EnterCriticalSection
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
GetCurrentThreadId
RtlUnwind
WideCharToMultiByte
GetACP
SetErrorMode
VirtualAllocEx

oleaut32

BSTR_UserMarshal
VARIANT_UserSize
BSTR_UserSize
VARIANT_UserUnmarshal
VARIANT_UserMarshal
BSTR_UserFree
BSTR_UserUnmarshal
VARIANT_UserFree

user32

GetKeyboardLayout
GetDlgItemTextW
mouse_event
CharNextW
GetClassInfoW
GetAsyncKeyState
CheckMenuItem
CreateWindowExA
InsertMenuItemA
SetActiveWindow
RemoveMenu
SetCursorPos
CreateAcceleratorTableW
wvsprintfA
GetDesktopWindow
ShowWindow
GetKeyState
GetFocus
RegisterClassExA
GetMenuInfo
IsChild
SetFocus
MonitorFromWindow
ShowCursor
WaitMessage
DialogBoxParamW
SetTimer

actxprxy

DllGetClassObject
GetProxyDllInfo
DllCanUnloadNow

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 237KB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1a6a72877dde9aa75606e49b5c3f5b0

Headers

File Characteristics

Imports

ole32

rpcrt4

kernel32

oleaut32

user32

actxprxy

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 237KB - Virtual size: 5.9MB

.rdata Size: 3KB - Virtual size: 45KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 237KB - Virtual size: 5.9MB

.rdata
Size: 3KB - Virtual size: 45KB

.rsrc
Size: 13KB - Virtual size: 12KB