cf3dd675177b101c651b81e1557f6a28ea0dd2d1e8f9076b4b201fe7d95868c2

Sharing

Copy URL Twitter E-mail

General

Target

cf3dd675177b101c651b81e1557f6a28ea0dd2d1e8f9076b4b201fe7d95868c2
Size

60KB
MD5

3127998f43f6fe7640ac02a6179b50b0
SHA1

774506d6d11d816f945bb3f661d8b38f9bd93ad6
SHA256

cf3dd675177b101c651b81e1557f6a28ea0dd2d1e8f9076b4b201fe7d95868c2
SHA512

88c4a627b4c75ef7e52dec1218049ff597c15df97c217fd5a783ada3981bc90c9b81a69bd02228c51c826e682f48d35ab8bbe0e38273b8558b81cc81509504bb
SSDEEP

768:P55IoHgL0wt1gu7l7l6bSwknXnDsOoqM5PQGPL4vzZq2o9W7GsxBbPr:P55Xbu7Rl6bSJFov5IGCq2iW7z

Score

N/A

Malware Config

Signatures

Files

cf3dd675177b101c651b81e1557f6a28ea0dd2d1e8f9076b4b201fe7d95868c2
.exe windows x86

a168909e79ce959b0bd387b131b86643

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
CreateFileMappingA
CreateProcessA
CreateMutexA
UnmapViewOfFile
GetLastError
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoA
LoadLibraryA
GetCommandLineA
GetOEMCP
GetACP
GetProcAddress
MultiByteToWideChar
GetCPInfo
FlushFileBuffers
SetStdHandle
IsBadReadPtr
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsBadWritePtr
HeapReAlloc
GetVersion
ExitProcess
SetFilePointer
VirtualAlloc
WriteFile
VirtualFree
WideCharToMultiByte
CloseHandle
GetModuleHandleA
HeapCreate
IsBadCodePtr
HeapDestroy
FreeEnvironmentStringsA
GetModuleFileNameA
GetFileType
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount

user32

DispatchMessageA
LoadAcceleratorsA
UnregisterDeviceNotification
GetMessageA
TranslateMessage
TranslateAcceleratorA
SetTimer
KillTimer
PostQuitMessage
RegisterClassExA
DefWindowProcA
CreateWindowExA
RegisterDeviceNotificationA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

ole32

CoGetMalloc
CoCreateInstance
CoUninitialize
CoInitialize
CreateBindCtx
MkParseDisplayName

oleaut32

SysAllocString
SysFreeString

ksproxy.ax

KsSynchronousDeviceControl

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��u"
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a168909e79ce959b0bd387b131b86643

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

ksproxy.ax

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 688B

��u" Size: 20KB - Virtual size: 20KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 688B

��u"
Size: 20KB - Virtual size: 20KB