85930f22b8e1d7d391e0eaa0b746a13ab15f88806bfefff84f6f07a67d8e7f27

Sharing

Copy URL Twitter E-mail

General

Target

85930f22b8e1d7d391e0eaa0b746a13ab15f88806bfefff84f6f07a67d8e7f27
Size

103KB
MD5

6cd834accd06d4b2fc3169bf9532459b
SHA1

cbb908e453a9b8429688ec2b304093ac4ec7009c
SHA256

85930f22b8e1d7d391e0eaa0b746a13ab15f88806bfefff84f6f07a67d8e7f27
SHA512

6f39a7a1ba272d414430ae04aafc3022ade8a3ce501d6323c1d96a2152b35a0c606cf218ff20404911be76f786f2e125168a89784d31980384bb9014086e6441
SSDEEP

3072:ehAan/WWjVglku8/SC6RvVFZMKN0o9Wa2+fx8:vanpakXSC6x3Pusb22x

Score

N/A

Malware Config

Signatures

Files

85930f22b8e1d7d391e0eaa0b746a13ab15f88806bfefff84f6f07a67d8e7f27
.dll windows x86

baef336e26d147e7fe769530b1f497d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetProcAddress
lstrlenA
GetCurrentThreadId
FormatMessageW
LocalAlloc
LocalFree
ExpandEnvironmentStringsW
lstrlenW
MultiByteToWideChar
GetLocalTime
WideCharToMultiByte
GetWindowsDirectoryA
SearchPathW
FindResourceExW
SetLastError
LoadLibraryExW
MapViewOfFile
CreateFileMappingW
CreateFileW
GetVersionExW
GetLocaleInfoW
UnmapViewOfFile
FormatMessageA
CloseHandle
InterlockedCompareExchange
FreeEnvironmentStringsW
TerminateProcess
WaitForSingleObject
InterlockedExchange
CreateThread
InterlockedIncrement
InterlockedDecrement
GetComputerNameA
WriteFile
ReadFile
DeviceIoControl
ExpandEnvironmentStringsA
CreateDirectoryA
LoadLibraryA
GetCurrentThread
GetTickCount
GetPrivateProfileIntA
CreateFileA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GlobalFree
GetModuleHandleA
DisableThreadLibraryCalls
GetProcessHeap
HeapAlloc
HeapFree
FreeEnvironmentStringsA
SetEnvironmentVariableW
DebugBreak
GetExitCodeThread
GetCurrentProcess
InitializeCriticalSection
FreeLibrary
LoadLibraryExA
Sleep
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetUserDefaultLangID
LoadLibraryW
DeleteCriticalSection
GetUserDefaultLCID
GetLocaleInfoA
GetVersionExA
GetCommandLineA
GetLastError
VirtualProtect

user32

IsWindowVisible
CharNextA
EnumThreadWindows
wsprintfA
wvsprintfA
PostMessageA
MessageBoxA
SetFocus
LoadStringW
SendMessageTimeoutW
LoadStringA
GetWindowThreadProcessId
SetForegroundWindow
AttachThreadInput
GetDesktopWindow
IsWindowEnabled
GetWindowTextA
GetWindowTextLengthA
GetWindowTextW
GetWindowTextLengthW
FindWindowA
FindWindowW
GetWindow
keybd_event
VkKeyScanA
SendMessageTimeoutA

advapi32

RegSetValueExA
RegQueryInfoKeyW
RegEnumValueW
RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumKeyExA
RegCreateKeyExA
RegCloseKey
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegDeleteKeyA
RegQueryValueExA
EqualSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
FreeSid
AllocateAndInitializeSid
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExA

ole32

CoTaskMemFree
StringFromCLSID

msvcrt

fopen
_ismbcdigit
_ismbcspace
fclose
wcsncmp
bsearch
_onexit
_lock
__dllonexit
_unlock
_adjust_fdiv
_amsg_exit
_initterm
_callnewh
_CxxThrowException
_wcsicmp
_ultoa
memset
fwrite
strncpy
__RTtypeid
wcscmp
_ultow
_wtoi
wcslen
fprintf
memcpy
_errno
_vsnwprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
time
_except_handler3
_XcptFilter
malloc
free
_snprintf
_itoa
_vsnprintf

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

baef336e26d147e7fe769530b1f497d8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 2KB - Virtual size: 35KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 2KB - Virtual size: 35KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB