98d8da356fd27d674c7bb20a067e0b0d37def58bfef309ce48587da8cfce1603

Sharing

Copy URL Twitter E-mail

General

Target

98d8da356fd27d674c7bb20a067e0b0d37def58bfef309ce48587da8cfce1603
Size

58KB
MD5

b487feb8ac77d965fd7750d74a042ac9
SHA1

ddb70c670bdb780d465721bfee72de34eecf5857
SHA256

98d8da356fd27d674c7bb20a067e0b0d37def58bfef309ce48587da8cfce1603
SHA512

bf520d18af7e3de1b524f1b8d5f15e8a15932cf0db57d93e0b1e2ea76e1ac98442a9c3636b6e3d593d558ac99b89c97d30a1ba7bdaafb9194da8375bedc627fd
SSDEEP

1536:W8mNL0nNwCeVGOqPsSCk6l89CEciwCIPJ:LKAnNReIHPdf6l89CEcpPJ

Score

N/A

Malware Config

Signatures

Files

98d8da356fd27d674c7bb20a067e0b0d37def58bfef309ce48587da8cfce1603
.exe windows x86

4c65fb40b4a1aeaa8eb39b0dbc78d7e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

kernel32

GetWindowsDirectoryA
SetThreadPriority
GetCurrentThread
DeleteFileA
SetPriorityClass
GetCurrentProcess
CreateFileA
GetSystemDirectoryA
SetCurrentDirectoryA
GetModuleFileNameA
GetLastError
CreateMutexA
GetExitCodeThread
CancelIo
SetEvent
Sleep
ReadFile
ExitThread
CreateThread
CreateEventA
CreateProcessA
GetPrivateProfileStringA
FileTimeToSystemTime
GetProcessTimes
OpenProcess
GetStringTypeExA
GetUserDefaultLCID
GlobalFree
GlobalUnlock
GlobalHandle
lstrcmpA
GlobalLock
GlobalAlloc
MultiByteToWideChar
WaitForSingleObject
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
SetFilePointer
LCMapStringA
LCMapStringW
RtlUnwind
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
FlushFileBuffers
ReleaseMutex
GetExitCodeProcess
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
lstrcpyA
GetPrivateProfileIntA
WritePrivateProfileStringA

user32

SendMessageA
SetTimer
GetForegroundWindow
KillTimer
keybd_event
EndDialog
DefWindowProcA
PostQuitMessage
RegisterClassA
LoadCursorA
DispatchMessageA
TranslateMessage
GetMessageA
EnableWindow
CreateDialogParamA
CreateWindowExA
SetWindowPos
GetClassNameA
GetWindowThreadProcessId
EnumWindows
CharPrevA
CharNextA
CreatePopupMenu
DdeFreeStringHandle
DdeGetLastError
DdePostAdvise
DdeCreateStringHandleA
DdeCmpStringHandles
DdeCreateDataHandle
DdeFreeDataHandle
DdeNameService
DdeInitializeA
CharLowerA
wsprintfA
MessageBoxA
SetWindowLongA
DestroyWindow
FindWindowA
DialogBoxParamA
PostMessageA
SystemParametersInfoA
LoadIconA
UnregisterDeviceNotification
RegisterDeviceNotificationA
AppendMenuA
SetMenuDefaultItem
EnableMenuItem
GetCursorPos
SetForegroundWindow
TrackPopupMenuEx
DdeUninitialize
DestroyMenu

hid

HidP_MaxUsageListLength
HidP_GetSpecificValueCaps
HidP_GetSpecificButtonCaps
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetAttributes
HidD_GetPreparsedData
HidD_SetFeature
HidD_GetFeature
HidD_GetHidGuid

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

shell32

Shell_NotifyIconA
ShellExecuteExA

winmm

mixerOpen
mixerClose
waveOutGetDevCapsA
mixerGetID
waveOutGetNumDevs
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerSetControlDetails

ole32

CoCreateInstance
CoInitialize
CoUninitialize

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4c65fb40b4a1aeaa8eb39b0dbc78d7e6

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

hid

setupapi

shell32

winmm

ole32

wtsapi32

Sections

.text Size: 50KB - Virtual size: 49KB

.data Size: 2KB - Virtual size: 40KB

.rsrc Size: 2KB - Virtual size: 2KB

.ndata Size: 2KB - Virtual size: 4KB

.text
Size: 50KB - Virtual size: 49KB

.data
Size: 2KB - Virtual size: 40KB

.rsrc
Size: 2KB - Virtual size: 2KB

.ndata
Size: 2KB - Virtual size: 4KB