cbebb2cedf1ee6d325e1be18c07480278d72563929206d778e60fca0bb0fc978

General

Target

cbebb2cedf1ee6d325e1be18c07480278d72563929206d778e60fca0bb0fc978
Size

140KB
MD5

14fef656d85da89ea47bff0c41a57144
SHA1

4d69962452197083b39872840e2882e8d67d9266
SHA256

cbebb2cedf1ee6d325e1be18c07480278d72563929206d778e60fca0bb0fc978
SHA512

afcfcd2154c881a6bab44fb47a70dc1b33d7008f0e3e808640232b42c98f84e9aaef8fbe88aed6c694e8b1523fb504ab0a19016e534ccab9222c2a0ef7cfb47a
SSDEEP

3072:3CHjx3vG/QRCNmCVdnxjOzXiz8RxRyFG/VlGlibqiflFI9BwuC91ERJ4Efaft:3CN3RmTdxjOzXiqkWflS9BoERWEfmt

Score

N/A

Malware Config

Signatures

Files

cbebb2cedf1ee6d325e1be18c07480278d72563929206d778e60fca0bb0fc978
.dll windows x86

1494f64c8e683bf347c01c215d57082a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CloseHandle
CopyFileA
GetLastError
InterlockedDecrement
UnmapViewOfFile
InterlockedIncrement
Sleep
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
ExitProcess
MapViewOfFile
LocalFree
GetModuleHandleA
InterlockedCompareExchange
CreateProcessA
GetModuleFileNameA
ReleaseMutex
SetLastError
lstrlenW
GetTickCount
OpenEventA
lstrlenA
GetCommandLineA
CreateEventA
GetProcAddress

ole32

CoCreateGuid
CoUninitialize
OleSetContainedObject
OleCreate
CoInitialize
CreateBindCtx

user32

SetWindowLongA
GetMessageA
DestroyWindow
SetTimer
GetWindowLongA
GetSystemMetrics
FindWindowA
DefWindowProcA
PostQuitMessage
KillTimer
CreateWindowExA
PostMessageA
SendMessageA
GetClassNameA
TranslateMessage
GetParent
RegisterWindowMessageA
DispatchMessageA

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString

advapi32

RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA

Exports

Exports

i18Commsmon2

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1494f64c8e683bf347c01c215d57082a

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB