ae094c583125cdc85c7161c24b8ecf6f6ef40a5d7f56b902f9b2bd6943524c99

Sharing

Copy URL Twitter E-mail

General

Target

ae094c583125cdc85c7161c24b8ecf6f6ef40a5d7f56b902f9b2bd6943524c99
Size

216KB
MD5

61ac505e89e5034e3bf3a4a44ceb5fe2
SHA1

c828afa74e46160311d52b522d4d280c17cf73cd
SHA256

ae094c583125cdc85c7161c24b8ecf6f6ef40a5d7f56b902f9b2bd6943524c99
SHA512

04dbea6df14d100644f2081c2c10b38d6cff74bb1e1389afff81361ca5ada675f3f9348032b660fd988caccf588244632d87577ede221c8250ca32a08324661c
SSDEEP

1536:da+hBCdSKvzSqoGm2yW9FL6PJwEI1/7hkR8kdAYalqDHl5OXGQJ2Dykg0a5QeLoh:M+nozMGCW9YD5ugDF5y0a5VM2au5Q9r

Score

N/A

Malware Config

Signatures

Files

ae094c583125cdc85c7161c24b8ecf6f6ef40a5d7f56b902f9b2bd6943524c99
.exe windows x86

73b4cd1659f4ca72048311617e91f8f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

eyeguardhook

GetLastActiveTime
EnableKeyboardHook
EnableIdleHook

msvfw32

MCIWndCreateA

kernel32

HeapSize
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
RtlUnwind
HeapReAlloc
VirtualAlloc
InitializeCriticalSection
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
GetLocalTime
GetStdHandle
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
GetCurrentProcess
SetFileAttributesA
FileTimeToLocalFileTime
ReadFile
CloseHandle
Sleep
GetVersionExA
SetProcessWorkingSetSize
GetTickCount
FileTimeToSystemTime
TerminateProcess
GetProcAddress
SetSystemPowerState
GetLastError
OpenProcess
GetFileTime
CreateToolhelp32Snapshot
CreateProcessA
lstrcpyA
CreateFileA
DeleteFileA
LocalFree
CreateMutexA
GetExitCodeProcess
FlushFileBuffers
WriteFile
Process32First
GetModuleHandleA
Process32Next
TlsAlloc
TlsGetValue
GetStartupInfoA
GetProcessHeap
HeapAlloc
lstrlenA
FreeEnvironmentStringsA
GetModuleFileNameA
GetCommandLineA
HeapFree

user32

GetMessageA
ShowCursor
GetForegroundWindow
GetCursorPos
SystemParametersInfoA
KillTimer
wsprintfA
GetWindowLongA
GetLastInputInfo
GetSystemMetrics
DrawTextA
ShowWindow
ExitWindowsEx
SetDlgItemTextA
GetSubMenu
GetWindowTextA
CreateWindowExA
SetFocus
SetWindowTextA
SetTimer
SendMessageA
RegisterHotKey
GetWindowRect
SetActiveWindow
SetPropA
GetDlgItem
SetForegroundWindow
BeginPaint
EnableWindow
LockWorkStation
SetRect
EndDialog
SetWindowLongA
ClipCursor
CreateDialogParamA
DefWindowProcA
EndPaint
DestroyMenu
PostQuitMessage
GetFocus
MessageBoxA
TrackPopupMenu
InvalidateRect
DestroyWindow
LoadMenuA
LoadIconA
LoadCursorA
RegisterClassA
TranslateMessage
DispatchMessageA
GetDlgItemTextA
BringWindowToTop
SetWindowPos
DialogBoxParamA
MoveWindow
PostMessageA

gdi32

CreateFontIndirectA
RoundRect
CreateSolidBrush
GetStockObject
SetTextColor
SetBkMode
DeleteObject
SelectObject

comdlg32

GetFileTitleA
GetOpenFileNameA

advapi32

SetNamedSecurityInfoA
RegCreateKeyA
GetNamedSecurityInfoA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
BuildExplicitAccessWithNameA
RegDeleteKeyA
RegDeleteValueA
RegRestoreKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegSaveKeyA
OpenProcessToken
RegQueryInfoKeyA
RegOpenKeyA
SetEntriesInAclA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA

iphlpapi

GetIfEntry
GetAdaptersInfo

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 112KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

73b4cd1659f4ca72048311617e91f8f6

Headers

File Characteristics

Imports

eyeguardhook

msvfw32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

iphlpapi

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 112KB - Virtual size: 114KB

.rsrc Size: 12KB - Virtual size: 84KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 112KB - Virtual size: 114KB

.rsrc
Size: 12KB - Virtual size: 84KB