f5a41810a71edc48d63733a041a5a06840108598ac3c44f9a50dc0d1e49dc29b

Sharing

Copy URL Twitter E-mail

General

Target

f5a41810a71edc48d63733a041a5a06840108598ac3c44f9a50dc0d1e49dc29b
Size

169KB
MD5

64d7472653da2057aafad31e7ed965ca
SHA1

2f5e3513a48f7a218dcebf9fe9e6be89a1a53b80
SHA256

f5a41810a71edc48d63733a041a5a06840108598ac3c44f9a50dc0d1e49dc29b
SHA512

ee2481d316b77919d69a825d09736a722dd00372d60769f837e82194ffac0a230d2a76d1b2ac37960c62e8437496225c2dc066530f1048c35a4a6b043a486ed4
SSDEEP

3072:hbGc3zLKXsTgIS/HT5tu9B7NluP8G4u5wIh4SgNXuVdFxIcBo:ZGc3zL7TgJvltIB7uqfYjFe

Score

N/A

Malware Config

Signatures

Files

f5a41810a71edc48d63733a041a5a06840108598ac3c44f9a50dc0d1e49dc29b
.dll windows x86

3ab66a2dce63dbe46b0de7ab6b304621

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalUnlock
GetModuleFileNameW
GetModuleHandleW
lstrcmpiW
lstrlenW
GetCurrentThreadId
lstrcpyW
Sleep
ResumeThread
PulseEvent
GetComputerNameExW
HeapDestroy
GetProcessHeap
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WideCharToMultiByte
LocalFree
WriteFile
LocalAlloc
WriteConsoleW
FormatMessageW
IsBadWritePtr
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
VirtualFree
HeapCreate
GetSystemInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
GlobalFree
GlobalAlloc
GetModuleHandleA
GetProcAddress
LoadLibraryW
OutputDebugStringA
GetComputerNameW
CreateEventW
FreeLibrary
InterlockedIncrement
InterlockedDecrement
ResetEvent
WaitForSingleObject
CreateEventA
DeviceIoControl
GetOverlappedResult
CloseHandle
SetEvent
VirtualProtect
GetLocaleInfoA
GetCommandLineA
SetHandleCount
GetCurrentProcess
TerminateProcess
ExitProcess
VirtualQuery
InterlockedExchange
GetVersionExA
RtlUnwind

user32

SetWindowPos
CallNextHookEx
UnhookWindowsHookEx
KillTimer
SetTimer
SetWindowsHookExW
PostMessageW
GetDlgItem
EnableWindow
CreateDialogParamW
SetRectEmpty
CheckDlgButton
IsDlgButtonChecked
CopyRect
IsRectEmpty
DestroyWindow
ShowWindow
IsWindow
GetSystemMetrics
GetWindowRect
LoadStringW
MessageBoxW
RegisterClipboardFormatW
GetActiveWindow
SetWindowLongW
SendMessageW
EndDialog

advapi32

RegCreateKeyExW
RegDeleteValueW
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
CloseServiceHandle
RegSetValueExW
RegQueryValueExW
RegCloseKey
QueryServiceStatus
RegOpenKeyExW

gdi32

GetStockObject
DeleteObject
SelectObject
SetTextColor
SetBkMode
Polyline
Rectangle
SetROP2

ole32

CoFreeUnusedLibraries
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
IIDFromString
CoCreateInstance
ReleaseStgMedium

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ab66a2dce63dbe46b0de7ab6b304621

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 40KB - Virtual size: 71KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 40KB - Virtual size: 71KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 5KB - Virtual size: 5KB