3ab417d01dda1106d12eab99de61f5989ecd881250ec1a599e642555cf380046

Sharing

Copy URL

Twitter E-mail

General

Target

3ab417d01dda1106d12eab99de61f5989ecd881250ec1a599e642555cf380046
Size

152KB
MD5

6e1fd1e95cd7095dea79b7b1a395d797
SHA1

36767cc01064764e851b03d55153b4809c8bdb91
SHA256

3ab417d01dda1106d12eab99de61f5989ecd881250ec1a599e642555cf380046
SHA512

066a903d8728a895c2d3242c6bfa2a61ec2ffa1ad9eb9be29d016be723e7e4b590f982b746abc291ac7168af5c132e7abac5fe00aff2fe0cfc7256d7bcd45bfc
SSDEEP

3072:zYWyVvknQMb3rhTSCWNJ26LMLmA6UWfU/sG5DeYKFXD4/5A5qNfHFV:ZGMlmNoF75jB5oyfn

Score

N/A

Malware Config

Signatures

Files

3ab417d01dda1106d12eab99de61f5989ecd881250ec1a599e642555cf380046
.dll windows x86

b814825c3a4a8b7faf728e0d2b296fe8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetComputerNameA
GetCurrentProcess
HeapAlloc
CreateFileA
CreateProcessA
ReadProcessMemory
CopyFileA
TerminateProcess
WriteFile
GetTickCount
GetProcessHeap
CloseHandle
InterlockedCompareExchange
CreateDirectoryA
CreateEventA
OpenFileMappingA
GetModuleHandleA
GetCommandLineA
LocalFree
CreateMutexW
SetLastError
MapViewOfFile
GlobalFree
HeapFree
EnterCriticalSection
GetVolumeInformationA
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
Sleep
CreateFileMappingA
OpenEventA
GlobalAlloc
LeaveCriticalSection
WriteProcessMemory
LoadLibraryA
UnmapViewOfFile
GetProcAddress
ExitProcess

ole32

CoCreateGuid
OleSetContainedObject
CoTaskMemAlloc
CoSetProxyBlanket
CoUninitialize
OleCreate
CoCreateInstance
CoInitialize

user32

SetWindowsHookExA
GetWindow
TranslateMessage
RegisterWindowMessageA
PeekMessageA
SendMessageA
DispatchMessageA
GetParent
DestroyWindow
GetWindowThreadProcessId
GetWindowLongA
GetClassNameA
ClientToScreen
DefWindowProcA
CreateWindowExA
SetTimer
GetSystemMetrics
GetMessageA
UnhookWindowsHookEx
GetCursorPos
PostQuitMessage
FindWindowA
ScreenToClient
SetWindowLongA
KillTimer

oleaut32

SysStringLen
SysAllocString
SysFreeString
SysAllocStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
GetUserNameA
SetTokenInformation
RegDeleteKeyA
DuplicateTokenEx
OpenProcessToken
RegOpenKeyExA
RegDeleteValueA

shell32

SHGetFolderPathA

Exports

Exports

WinnetIde

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1001B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b814825c3a4a8b7faf728e0d2b296fe8

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 1001B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 1001B

.reloc
Size: 8KB - Virtual size: 6KB