98f628f63618315d36062400fee9a4c0c2e33fd5e17b8c30914f25f6633da98e

Sharing

Copy URL Twitter E-mail

General

Target

98f628f63618315d36062400fee9a4c0c2e33fd5e17b8c30914f25f6633da98e
Size

304KB
MD5

de2edd869f686a20633d24b0dd2eff77
SHA1

4448692bd328098a7fb72bd161c9ebcd1e651b2b
SHA256

98f628f63618315d36062400fee9a4c0c2e33fd5e17b8c30914f25f6633da98e
SHA512

0c91e9f5056a1c35fcdc9fbba83860560541e2e08959f2b06767e94b9e35a82e626b99e8f19706f602431a38e0389724db26b34254a9fe09f5496ff0de4b8815
SSDEEP

6144:6taK1iCzqRDgaE1o71bliASplR29yPhdx2h23FKBRcPsLh+0:r4iCqgN1o715BSHR29yZTFKBRx9

Score

N/A

Malware Config

Signatures

Files

98f628f63618315d36062400fee9a4c0c2e33fd5e17b8c30914f25f6633da98e
.exe windows x86

5ba67bc8f8c91df96f20e3813983b9d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSCWriteProviderOrder
WSCDeinstallProvider
WSAStartup
WSCGetProviderPath
WSCEnumProtocols
WSACleanup
WSCInstallProvider

advapi32

SetSecurityDescriptorDacl
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
InitializeSecurityDescriptor

rpcrt4

UuidCreate

ole32

StringFromGUID2

kernel32

SetStdHandle
WriteFile
VirtualAlloc
GetOEMCP
WideCharToMultiByte
IsValidCodePage
SetHandleCount
SetFilePointer
TlsAlloc
GetModuleHandleA
UnhandledExceptionFilter
IsValidLocale
DeleteCriticalSection
GetUserDefaultLCID
WriteConsoleW
TlsGetValue
FileTimeToSystemTime
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsA
SetEndOfFile
FlushFileBuffers
CreateFileA
TlsFree
EnterCriticalSection
FreeEnvironmentStringsW
GetSystemTime
WriteConsoleA
RtlUnwind
LCMapStringA
GetACP
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GetCommandLineA
VirtualFree
IsDebuggerPresent
HeapReAlloc
LCMapStringW
HeapFree
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
HeapDestroy
EnumSystemLocalesA
GetTimeFormatA
TlsSetValue
ReadFile
GetConsoleCP
GetSystemTimeAsFileTime
GetProcessHeap
GetSystemDirectoryA
FreeLibrary
HeapAlloc
FreeEnvironmentStringsA
CloseHandle
GetModuleHandleW
HeapSize
GetTempPathA
LeaveCriticalSection
GetCurrentThreadId
GetConsoleOutputCP
SetLastError
RaiseException
GetConsoleMode
GetCurrentProcess

cmutil

CmAtolA
CmLoadImageW
CmStrTrimW
CmLoadIconW
CmRealloc
WzToSzWithAlloc
CmLoadIconA

kbdsg

KbdLayerDescriptor

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ba67bc8f8c91df96f20e3813983b9d3

Headers

File Characteristics

Imports

ws2_32

advapi32

rpcrt4

ole32

kernel32

cmutil

kbdsg

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 280KB - Virtual size: 1.0MB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 280KB - Virtual size: 1.0MB

.rsrc
Size: 512B - Virtual size: 4KB