8ca934b2605f8b877534be8fc0c89df9d386f2ea92b447bec36b2f27cc5096c0

Sharing

Copy URL

Twitter E-mail

General

Target

8ca934b2605f8b877534be8fc0c89df9d386f2ea92b447bec36b2f27cc5096c0
Size

57KB
MD5

8f711a00f7b98dfd4da39b9861b2d7ce
SHA1

0951735c85b35f23cd6edf85a7b6be9bfc3f3e07
SHA256

8ca934b2605f8b877534be8fc0c89df9d386f2ea92b447bec36b2f27cc5096c0
SHA512

af386249ba92b9fc209eb96d3cf256321d431763ce066630792f0a0fa42d562e8013c82b2871783a40084e72f1f676231cabc85e49a1c8aac4e6972ed75422ea
SSDEEP

768:K8RXAAN2EINAfzPUu8XEX8X0b3N/dE1ba1xCeOfBItRHO+JUKQSS9E1WvGIg3RJR:KZAYv6U5aEEzeBOu+JUPEk1G28Iqv

Score

N/A

Malware Config

Signatures

Files

8ca934b2605f8b877534be8fc0c89df9d386f2ea92b447bec36b2f27cc5096c0
.dll windows x86

523b35f7d603a8ed69be1b5c6bc7bd2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GlobalAlloc
LocalAlloc
DeleteCriticalSection
GetUserDefaultLCID
ReleaseMutex
WaitForMultipleObjects
FileTimeToSystemTime
ExitThread
SetErrorMode
SetLastError
LockResource
SystemTimeToTzSpecificLocalTime
UnmapViewOfFile
MapViewOfFile
WaitForSingleObject
VirtualQueryEx
FreeLibrary
CreateFileMappingA
GetModuleHandleA
FindVolumeMountPointClose

imguries

ImmSetStatusWindowPos
ImmProcessKey
ImmUnregisterWordA
ILFindChild
CtfImmCoUninitialize
ILIsEqual
RealDriveType
ImmGetCompositionStringA
ImmPenAuxInput
PifMgr_SetProperties
ImmEnumRegisterWordA
PifMgr_GetProperties
DoEnvironmentSubstA
SdbCloseDatabase
SdbQueryDataEx
SdbReadMsiTransformInfo
DAD_AutoScroll
ImmGetCompositionFontA
CtfImmSetAppCompatFlags
IsLFNDrive
ImmIMPGetIMEA
ImmGetGuideLineA
RealShellExecuteA
SdbReadQWORDTagRef
SdbRegisterDatabaseEx
RealShellExecuteExA
SdbGetFirstChild
DAD_DragEnterEx
ImmGetIMCCLockCount
ImmNotifyIME
ImmTranslateMessage
ImmUnlockClientImc
ImmGetImeInfoEx
ImmGenerateMessage
CtfImmSetCiceroStartInThread
DAD_DragMove
ImmWINNLSGetIMEHotkey
ImmSetConversionStatus
DragAcceptFiles
ImmDestroyIMCC
SdbGetTagDataSize
ImmLockIMC
ImmReleaseContext
ImmGetConversionStatus
ImmUnlockIMC
SdbGetTagFromTagID

user32

IsIconic
GetDlgItem
InvalidateRect
UnhookWindowsHookEx
GetParent
IsWindow
GetDC
ReleaseDC

ntdll

NtSetQuotaInformationFile
wcstoul

advapi32

GetTokenInformation
GetAce
AdjustTokenPrivileges
ControlService
CheckTokenMembership

ole32

CoUninitialize

netapi32

NetShareEnum

Exports

Exports

CreateProcessNotify
perfkman

Sections

.text
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

523b35f7d603a8ed69be1b5c6bc7bd2a

Headers

File Characteristics

Imports

kernel32

imguries

user32

ntdll

advapi32

ole32

netapi32

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 52KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 50KB - Virtual size: 52KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB