5c40c45b0a26e367439acf1dd6b7ec139974af4a0c642ba0afdf2a84aadebb66

Sharing

Copy URL Twitter E-mail

General

Target

5c40c45b0a26e367439acf1dd6b7ec139974af4a0c642ba0afdf2a84aadebb66
Size

39KB
MD5

f458914cc0f566fc78d1d55a970c5b35
SHA1

079a9d61e732bc099cf24825c6b3594775a77500
SHA256

5c40c45b0a26e367439acf1dd6b7ec139974af4a0c642ba0afdf2a84aadebb66
SHA512

079be0bb1c91068ab239f94ff99780f10a96f435ea7724cbcf45bf9f48c0fdd175355db4f78fdb0078888773358cf008438bcc57cfc0e4bd2a4d87c80eef3e9e
SSDEEP

768:xPB5kGKkk+HZbkRykMMw5ywqZHdjLauqBNDdT0VdZp7tkARlNlWmTwR:xPB5yr+HyRyFf5ywqDLau+5T0VdZpb/u

Score

N/A

Malware Config

Signatures

Files

5c40c45b0a26e367439acf1dd6b7ec139974af4a0c642ba0afdf2a84aadebb66
.dll windows x86

55a22c89df0be5d696d9d3144a2d600c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
OpenProcess
CreateMutexA
CreateProcessA
CloseHandle
WriteFile
CreateFileA
lstrcatA
lstrcpynA
lstrlenA
WaitForSingleObject
ExitProcess
Sleep
VirtualFree
VirtualAlloc
lstrcmpA
lstrcmpiA
FreeLibrary
LoadLibraryA
GetSystemDirectoryA
GetCurrentThreadId
WritePrivateProfileStringA
GetWindowsDirectoryA
MoveFileExA
SetEvent
GetLastError
SystemTimeToFileTime
CreateEventA
GetVersionExA
MoveFileA
GetLocaleInfoA
GetVolumeInformationA
ReleaseMutex
HeapFree
ReadFile
HeapAlloc
GetTempFileNameA
DeleteFileA
GetProcessHeap
GlobalAlloc
VirtualQueryEx
GetThreadContext
GlobalFree
TerminateProcess
ResumeThread
RtlUnwind
VirtualQuery
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLocalTime
GetModuleHandleA
GetProcAddress
lstrcpyA
RaiseException
GetModuleFileNameA
GetTempPathA
GetTickCount
GetVersion
GetFileSize
GetSystemTime

user32

PostMessageA
SetWindowsHookExA
FindWindowA
CloseDesktop
SetThreadDesktop
GetThreadDesktop
OpenInputDesktop
wsprintfA
FindWindowExA
GetWindowThreadProcessId
GetCursorPos
EqualRect
GetWindowRect
ClientToScreen
GetFocus
IsWindowVisible
InflateRect
GetCaretPos
CallNextHookEx

advapi32

RegCloseKey
RegDeleteValueA
RegEnumValueA
RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
OpenProcessToken
CreateProcessAsUserA
RegCreateKeyExA

shlwapi

SHDeleteValueA
SHSetValueA
SHGetValueA
SHDeleteKeyA

Exports

Exports

GMvYoxFZHw
PzErSE
RLsXgdm
ZnGLphrDwArK
qDIVJuFLqXm

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55a22c89df0be5d696d9d3144a2d600c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 13KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 13KB

.reloc
Size: 2KB - Virtual size: 2KB