697da70b8f39d3df62f797c1c3cca07aea937a6e47ccec7add20b51f28b815fc

Sharing

Copy URL Twitter E-mail

General

Target

697da70b8f39d3df62f797c1c3cca07aea937a6e47ccec7add20b51f28b815fc
Size

500KB
MD5

48eb48f9acc5a2cf0bd72b25106bb800
SHA1

e2b1cf6adca6222a4e312ee3e7e2e22686634524
SHA256

697da70b8f39d3df62f797c1c3cca07aea937a6e47ccec7add20b51f28b815fc
SHA512

df04555a397134f5bc2b39a954c8f2449e2b4b5bc9cc69049aa75b6fbd15b363b22d7b071ede2d2b6e3217ab011076c0edb68cc10c82ea80ac4dfe688a8c7bf3
SSDEEP

3072:ju+dNfB/vbMg/HT6/Cis9EstL95IUkBthHcxWMCWf550q+MB3:juOB/vbM+HsCisT9m5x8QMCvq+M

Score

N/A

Malware Config

Signatures

Files

697da70b8f39d3df62f797c1c3cca07aea937a6e47ccec7add20b51f28b815fc
.exe windows x86

b23304d3f03b0c1f76b9538dfe2bcfb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

filter

?LoadKBFilter@@YAPAUHHOOK__@@PAUHWND__@@@Z
?UnLoadKBFilter@@YAHPAUHHOOK__@@@Z

kernel32

GetLocaleInfoA
GetStringTypeW
GetStringTypeA
HeapSize
CreateFileA
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
GetCurrentProcessId
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GlobalSize
HeapCreate
HeapDestroy
HeapReAlloc
VirtualAlloc
VirtualFree
InitializeCriticalSection
LoadLibraryA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
GlobalLock
GlobalUnlock
OpenFileMappingA
MapViewOfFile
CloseHandle
Sleep
QueryPerformanceFrequency
FindFirstFileA
FindNextFileA
QueryPerformanceCounter
GetModuleFileNameA
GetVersionExA
CompareStringA
CompareStringW
ReadFile
SetEnvironmentVariableA
TlsFree
SetEndOfFile
TlsSetValue
TlsAlloc
TlsGetValue
LeaveCriticalSection
GetSystemTimeAsFileTime
RtlUnwind
GetProcAddress
GetModuleHandleA
ExitProcess
HeapAlloc
GetLastError
HeapFree
RaiseException
GetCommandLineA
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WideCharToMultiByte
GetTimeZoneInformation
WriteFile
GetConsoleCP
GetConsoleMode
EnterCriticalSection

user32

SetWindowPos
ReleaseDC
GetDC
OpenClipboard
GetClipboardData
CloseClipboard
MessageBeep
SetCursor
LoadIconA
LoadCursorA
RegisterClassExA
CreateDialogParamA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
PostQuitMessage
SetTimer
PostMessageA
CheckRadioButton
GetKeyboardLayoutNameA
DialogBoxParamA
SetFocus
LoadImageA
KillTimer
GetKeyboardState
keybd_event
WinHelpA
GetWindowDC
MoveWindow
DestroyWindow
IsDlgButtonChecked
CheckDlgButton
SystemParametersInfoA
InvalidateRect
UpdateWindow
GetClientRect
DrawTextA
MessageBoxA
SendDlgItemMessageA
GetDlgItemTextA
EndDialog
SetDlgItemTextA
BeginPaint
LoadBitmapA
GetDlgItem
ScreenToClient
EndPaint
GetWindowRect

gdi32

StretchBlt
CreateHatchBrush
Polygon
CreateFontIndirectA
SetBkMode
SetTextColor
CreateCompatibleDC
SelectObject
GetMapMode
SetMapMode
BitBlt
DeleteDC
DeleteObject
GetDeviceCaps
SetStretchBltMode

comdlg32

GetOpenFileNameA
CommDlgExtendedError

shell32

ShellExecuteA

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 304KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b23304d3f03b0c1f76b9538dfe2bcfb6

Headers

File Characteristics

Imports

filter

kernel32

user32

gdi32

comdlg32

shell32

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 304KB - Virtual size: 300KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 304KB - Virtual size: 300KB

.rmnet
Size: 60KB - Virtual size: 60KB