7cf9aa1732f05af3496a9ca0f342deb1b3892dfe000d901f68c971d54f694321

Sharing

Copy URL

Twitter E-mail

General

Target

7cf9aa1732f05af3496a9ca0f342deb1b3892dfe000d901f68c971d54f694321
Size

297KB
MD5

4389caf511b29fd072d4b34077d3cc51
SHA1

4efdd592ca51bd9426fac565b26cad48eaff3d10
SHA256

7cf9aa1732f05af3496a9ca0f342deb1b3892dfe000d901f68c971d54f694321
SHA512

20b8f106ef803bdbcf7f52bcc78103334e9e912444740ea648302d07cfa1211a2008c837c8098ea410ba94ddb4afc7b1d6568c1838e3f424af70ddb6c4f2ce10
SSDEEP

6144:QeitFRmZJ3fhYhnvpAiGvtnlwviJoMcgRzHx55FXyWxo/:aFAJ35YHAiGvtlXNpx5D3o/

Score

N/A

Malware Config

Signatures

Files

7cf9aa1732f05af3496a9ca0f342deb1b3892dfe000d901f68c971d54f694321
.dll windows x86

defb44109a93e4c321ab95b183fee4b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey

user32

UnhookWindowsHookEx
ShowWindow
SetWindowsHookExA
SetFocus
RegisterClipboardFormatA
MoveWindow
IsZoomed
IsWindowVisible
IsIconic
GetWindowRect
GetWindowLongA
GetSystemMetrics
GetParent
GetForegroundWindow
DestroyWindow
CreateDialogParamA
CharNextW
CharNextA
CallNextHookEx

oleaut32

VariantClear
VarUI4FromStr
UnRegisterTypeLi
SysStringLen
SysFreeString
SysAllocString
RegisterTypeLi
LoadTypeLi

kernel32

WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA
lstrlenW
GetEnvironmentStringsW
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
Sleep
SizeofResource
SetLastError
SetHandleCount
RtlUnwind
RaiseException
QueryPerformanceCounter
MultiByteToWideChar
LoadResource
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidCodePage
IsDebuggerPresent
IsDBCSLeadByte
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
HeapSize
HeapReAlloc
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GlobalAlloc
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree

Exports

Exports

GetDesc
GetGlobals
ReleaseThread
Restore
_getsig
set_gamma
vExecToken
write_end

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

defb44109a93e4c321ab95b183fee4b0

Headers

File Characteristics

Imports

ole32

advapi32

user32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 134KB - Virtual size: 133KB

.data Size: 34KB - Virtual size: 35KB

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 134KB - Virtual size: 133KB

.data
Size: 34KB - Virtual size: 35KB

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 6KB - Virtual size: 5KB