09aeb855bcaa33c1d0ad1fbda8b54db937f4baf7b100cf22d89f84ca09a2b6d7

Sharing

Copy URL

Twitter E-mail

General

Target

09aeb855bcaa33c1d0ad1fbda8b54db937f4baf7b100cf22d89f84ca09a2b6d7
Size

156KB
MD5

675935632edb8fa7fcc1109bbe3fdfb7
SHA1

f81990e5952ee2b298f1395441de0e4d360411c3
SHA256

09aeb855bcaa33c1d0ad1fbda8b54db937f4baf7b100cf22d89f84ca09a2b6d7
SHA512

3ed722af9af22d285e2ba9d60a171dbf91feabb32d8556162e8fe90057f210c8194cd93d6d1917bc1b5b616497dc9cbbd50d904a1b035232d3386b709ae68a66
SSDEEP

3072:RknwQlrpThsbj5AeD3gB2W7mY+5siHDaXJfkeWLwI6xKTNs0xu/XT:RkwmA5TD3gEW7mRqmQJseWLrJsJP

Score

N/A

Malware Config

Signatures

Files

09aeb855bcaa33c1d0ad1fbda8b54db937f4baf7b100cf22d89f84ca09a2b6d7
.dll windows x86

7c02535ba7f04e144a842c6da7b5cdb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
CloseHandle
GetComputerNameA
CopyFileA
GlobalAlloc
CreateProcessA
GetCommandLineA
GetProcAddress
GetCurrentProcess
GetProcessHeap
TerminateProcess
SetLastError
InterlockedCompareExchange
GetVolumeInformationA
InterlockedIncrement
InterlockedDecrement
GetLastError
HeapFree
WriteFile
ExitProcess
UnmapViewOfFile
WriteProcessMemory
EnterCriticalSection
CreateFileMappingA
HeapAlloc
GlobalFree
ReadProcessMemory
LocalFree
GetTickCount
GetModuleHandleA
LeaveCriticalSection
OpenFileMappingA
WaitForSingleObject
GetModuleFileNameA
CreateDirectoryA
CreateEventA
LoadLibraryA
Sleep
OpenEventA
CreateMutexW
MapViewOfFile

ole32

CoInitialize
CoTaskMemAlloc
CoCreateGuid
CoUninitialize
OleCreate
OleSetContainedObject
CoSetProxyBlanket
CoCreateInstance

user32

GetClassNameA
DestroyWindow
SetWindowLongA
GetCursorPos
CreateWindowExA
ClientToScreen
RegisterWindowMessageA
UnhookWindowsHookEx
TranslateMessage
SetWindowsHookExA
FindWindowA
PeekMessageA
GetWindow
PostQuitMessage
SendMessageA
GetWindowThreadProcessId
SetTimer
GetParent
GetMessageA
KillTimer
GetWindowLongA
DefWindowProcA
GetSystemMetrics
DispatchMessageA
ScreenToClient

oleaut32

SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

SetTokenInformation
GetUserNameA
RegOpenKeyExA
RegSetValueExA
DuplicateTokenEx
RegCloseKey
RegDeleteValueA
OpenProcessToken
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA

shell32

SHGetFolderPathA

Exports

Exports

CdEventEnum

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c02535ba7f04e144a842c6da7b5cdb4

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 124KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 944B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 128KB - Virtual size: 124KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 944B

.reloc
Size: 8KB - Virtual size: 6KB