98c65c293fce50e76be9e86bf9e0d20404617bbb71114604e36e8312dd0b291a

Sharing

Copy URL Twitter E-mail

General

Target

98c65c293fce50e76be9e86bf9e0d20404617bbb71114604e36e8312dd0b291a
Size

54KB
MD5

1d032cbcd8945d30eb66f3018fc3137f
SHA1

720b21c09c5a7b3f276619d7e3ea299dfe06f28b
SHA256

98c65c293fce50e76be9e86bf9e0d20404617bbb71114604e36e8312dd0b291a
SHA512

b48861611de826a2cb136c511972e228f3112f43a2e79d3626e9ea14368e65f952a693fc5822a65bb61df0b0ad1c055e9ad621723dc2fd4405a3fdd2711f8681
SSDEEP

1536:YZptSYSGKqGidjzDOZ9/prFKKc/ougVQAhBxty/3No:MtSd12mZD897qnvkN

Score

N/A

Malware Config

Signatures

Files

98c65c293fce50e76be9e86bf9e0d20404617bbb71114604e36e8312dd0b291a
.dll windows x86

e47ed2337b8dddc99737ce2d105d7b53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperBuffA
DeleteMenu
ActivateKeyboardLayout
SetWindowTextA
UnhookWindowsHookEx
IsWindowEnabled
SetCapture
SetMessageQueue
IsIconic
SetScrollInfo
GetMessagePos
EnumDisplayMonitors
GetScrollRange

kernel32

MapViewOfFile
UnmapViewOfFile
IsProcessorFeaturePresent
UnhandledExceptionFilter
RaiseException
GetModuleHandleA
LocalFree
CreateThread
lstrcmpiA
WaitForMultipleObjects
WaitForSingleObject
LocalAlloc
SetUnhandledExceptionFilter
VirtualQueryEx
CreateFileMappingA

kbdrdsvc

CtfImmIsCiceroStartedInThread
RealShellExecuteA
ILIsParent
CtfImmRestoreToolbarWnd
SdbFindFirstTagRef
ImmUnregisterWordA
SdbTagIDToTagRef
FindExeDlgProc
ImmEscapeA
SdbFreeFlagInfo
ImmGetDefaultIMEWnd
CDefFolderMenu_Create
ImmRegisterWordA
CtfImmTIMActivate
ImmGetCompositionWindow
CtfImmGenerateMessage
SdbDeletePermLayerKeys
PrintersGetCommand_RunDLL
DAD_DragLeave
SdbReadWORDTag
ImmDestroySoftKeyboard
FreeIconList

advapi32

ImpersonateSelf
CryptGetHashParam
EqualSid
MakeSelfRelativeSD

gdi32

CreateDIBSection
SetBkColor
SetEnhMetaFileBits
CreateBitmapIndirect
GetClipBox
DeleteDC
GetTextCharsetInfo
CreateFontA

ole32

CoRegisterMessageFilter
CreateOleAdviseHolder
OleConvertOLESTREAMToIStorage
OleQueryCreateFromData
StgIsStorageFile

Exports

Exports

CreateProcessNotify
autotupn

Sections

.text
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e47ed2337b8dddc99737ce2d105d7b53

Headers

File Characteristics

Imports

user32

kernel32

kbdrdsvc

advapi32

gdi32

ole32

Exports

Exports

Sections

.text Size: 41KB - Virtual size: 44KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 41KB - Virtual size: 44KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB