0a44bf5fa14ea06693498dcb1468e622be75532404fbcfa665dc3d35a83b175d

Sharing

Copy URL Twitter E-mail

General

Target

0a44bf5fa14ea06693498dcb1468e622be75532404fbcfa665dc3d35a83b175d
Size

112KB
MD5

0c2ecfd1fe90cb42ac810ade00369cba
SHA1

5e650d8cfbcb0aaea47de956417806e5b935274c
SHA256

0a44bf5fa14ea06693498dcb1468e622be75532404fbcfa665dc3d35a83b175d
SHA512

c3373526cd45870baa01df83fffddc823b783495feab756de89e2279ceb3a545c1b217023316eedd5abb259647ec5e5aa9c46254bdbc76e81cf5b3d5dbdbfd93
SSDEEP

3072:Gnt8of1af17EfcorOQqH4MMpvz8alj+hh8HRrUT:GVf1af1QZEMRz8pz

Score

N/A

Malware Config

Signatures

Files

0a44bf5fa14ea06693498dcb1468e622be75532404fbcfa665dc3d35a83b175d
.dll windows x86

502921be5089c3521ecb182733b8cc86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
GetVersion
lstrlenW
lstrcatW
LocalAlloc
lstrcmpW
LoadLibraryW
GlobalLock
GlobalUnlock
LocalFree
FreeLibrary
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
GetVersionExA
GetWindowsDirectoryA
GetSystemDirectoryA
InterlockedExchange
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
Sleep
InterlockedCompareExchange
VirtualProtect
GetModuleHandleA
GetFileAttributesW
GetProcAddress
GetCommandLineA
GetShortPathNameA
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RtlUnwind
VirtualQuery
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetSystemInfo

user32

EnableWindow
GetDlgItem
GetWindowLongW
SendMessageW
SetFocus
SetCursor
EnumDisplayDevicesW
SendDlgItemMessageW
RegisterClipboardFormatW
MessageBoxW
LoadStringW
SetWindowLongW
GetParent
ShowWindow
wsprintfW
IsDlgButtonChecked
WinHelpW
GetFocus

advapi32

RegCloseKey
RegSetValueA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegCreateKeyA
RegSetValueExA

ole32

CoTaskMemFree
StringFromGUID2
CoCreateInstance
CLSIDFromProgID
ReleaseStgMedium

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

502921be5089c3521ecb182733b8cc86

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 82KB - Virtual size: 81KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 39KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 82KB - Virtual size: 81KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 39KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 3KB - Virtual size: 3KB