d52dcd647da74c836a923788ffb4471fbf2122dc19ffc838c29b74532b87fa6f

Sharing

Copy URL Twitter E-mail

General

Target

d52dcd647da74c836a923788ffb4471fbf2122dc19ffc838c29b74532b87fa6f
Size

272KB
MD5

510ec24a16e163a3e875215b44312740
SHA1

bb402ee96d513cf901a1cef87628d521e42696dc
SHA256

d52dcd647da74c836a923788ffb4471fbf2122dc19ffc838c29b74532b87fa6f
SHA512

92f6d570250d50a22c3bd8c445fa86fa69f7ba9cf634311e9437a7b1f463a40b65f286da0e304cb980c04c56287b612ae30748e17bf4ff7db636203c94fb2e63
SSDEEP

6144:V/lAK1uwQU8erbFFC9vjx+9g8wW5ivgb/Tu:bAK1JQZCRuduZjTu

Score

N/A

Malware Config

Signatures

Files

d52dcd647da74c836a923788ffb4471fbf2122dc19ffc838c29b74532b87fa6f
.exe windows x86

a1a6a72877dde9aa75606e49b5c3f5b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

HWND_UserMarshal
HWND_UserSize
HWND_UserUnmarshal
HWND_UserFree

rpcrt4

NdrOleFree
CStdStubBuffer_Invoke
CStdStubBuffer_Connect
CStdStubBuffer_CountRefs
IUnknown_QueryInterface_Proxy
CStdStubBuffer_QueryInterface
NdrDllCanUnloadNow
NdrOleAllocate
NdrCStdStubBuffer_Release
NdrClientCall2
NdrStubCall2
CStdStubBuffer_Disconnect
NdrDllRegisterProxy
IUnknown_Release_Proxy
NdrDllGetClassObject
CStdStubBuffer_AddRef
IUnknown_AddRef_Proxy
CStdStubBuffer_IsIIDSupported
NdrStubForwardingFunction
CStdStubBuffer_DebugServerRelease
NdrDllUnregisterProxy
NdrCStdStubBuffer2_Release
CStdStubBuffer_DebugServerQueryInterface

kernel32

GetModuleHandleW
WriteFile
GetOEMCP
HeapFree
LeaveCriticalSection
UnhandledExceptionFilter
HeapAlloc
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
TlsFree
FreeEnvironmentStringsW
GetCommandLineA
SetUnhandledExceptionFilter
TlsGetValue
IsProcessorFeaturePresent
TlsAlloc
GetSystemTimeAsFileTime
IsValidCodePage
DeleteCriticalSection
HeapSize
TlsSetValue
SetLastError
LCMapStringW
EnterCriticalSection
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
GetCurrentThreadId
RtlUnwind
WideCharToMultiByte
GetACP
SetErrorMode
VirtualAllocEx

oleaut32

BSTR_UserMarshal
VARIANT_UserSize
BSTR_UserSize
VARIANT_UserUnmarshal
VARIANT_UserMarshal
BSTR_UserFree
BSTR_UserUnmarshal
VARIANT_UserFree

user32

GetKeyboardLayout
GetDlgItemTextW
mouse_event
CharNextW
GetClassInfoW
GetAsyncKeyState
CheckMenuItem
CreateWindowExA
InsertMenuItemA
SetActiveWindow
RemoveMenu
SetCursorPos
CreateAcceleratorTableW
wvsprintfA
GetDesktopWindow
ShowWindow
GetKeyState
GetFocus
RegisterClassExA
GetMenuInfo
IsChild
SetFocus
MonitorFromWindow
ShowCursor
WaitMessage
DialogBoxParamW
SetTimer

actxprxy

DllGetClassObject
GetProxyDllInfo
DllCanUnloadNow

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 237KB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1a6a72877dde9aa75606e49b5c3f5b0

Headers

File Characteristics

Imports

ole32

rpcrt4

kernel32

oleaut32

user32

actxprxy

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 237KB - Virtual size: 5.9MB

.rdata Size: 3KB - Virtual size: 45KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 237KB - Virtual size: 5.9MB

.rdata
Size: 3KB - Virtual size: 45KB

.rsrc
Size: 13KB - Virtual size: 12KB