8d3cc652f8428e036b198fecafd13edc35cb490fd9b4bec7ab97902c2ad8e459

Sharing

Copy URL Twitter E-mail

General

Target

8d3cc652f8428e036b198fecafd13edc35cb490fd9b4bec7ab97902c2ad8e459
Size

57KB
MD5

cf9f91be27152e6fedc4afd90caf48f5
SHA1

1d344059cab78fd65356dd7796c3928877996228
SHA256

8d3cc652f8428e036b198fecafd13edc35cb490fd9b4bec7ab97902c2ad8e459
SHA512

d3c9c072a2376c338d904df1dedc551e84b4baa882f357a14af0a3256406de31c184970e909e037dc2d31f8013db291662e5203a52b7206b49535d288f85af64
SSDEEP

768:K8RXAAN2EINAfzPUu8XEX8X0b3N/dE1ba1xCeOfBItRHO+JUKQSS9E1WvGIg3RJn:KZAYv6U5aEEzeBOu+JUPEk1G28Iq1

Score

N/A

Malware Config

Signatures

Files

8d3cc652f8428e036b198fecafd13edc35cb490fd9b4bec7ab97902c2ad8e459
.dll windows x86

523b35f7d603a8ed69be1b5c6bc7bd2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GlobalAlloc
LocalAlloc
DeleteCriticalSection
GetUserDefaultLCID
ReleaseMutex
WaitForMultipleObjects
FileTimeToSystemTime
ExitThread
SetErrorMode
SetLastError
LockResource
SystemTimeToTzSpecificLocalTime
UnmapViewOfFile
MapViewOfFile
WaitForSingleObject
VirtualQueryEx
FreeLibrary
CreateFileMappingA
GetModuleHandleA
FindVolumeMountPointClose

imguries

ImmSetStatusWindowPos
ImmProcessKey
ImmUnregisterWordA
ILFindChild
CtfImmCoUninitialize
ILIsEqual
RealDriveType
ImmGetCompositionStringA
ImmPenAuxInput
PifMgr_SetProperties
ImmEnumRegisterWordA
PifMgr_GetProperties
DoEnvironmentSubstA
SdbCloseDatabase
SdbQueryDataEx
SdbReadMsiTransformInfo
DAD_AutoScroll
ImmGetCompositionFontA
CtfImmSetAppCompatFlags
IsLFNDrive
ImmIMPGetIMEA
ImmGetGuideLineA
RealShellExecuteA
SdbReadQWORDTagRef
SdbRegisterDatabaseEx
RealShellExecuteExA
SdbGetFirstChild
DAD_DragEnterEx
ImmGetIMCCLockCount
ImmNotifyIME
ImmTranslateMessage
ImmUnlockClientImc
ImmGetImeInfoEx
ImmGenerateMessage
CtfImmSetCiceroStartInThread
DAD_DragMove
ImmWINNLSGetIMEHotkey
ImmSetConversionStatus
DragAcceptFiles
ImmDestroyIMCC
SdbGetTagDataSize
ImmLockIMC
ImmReleaseContext
ImmGetConversionStatus
ImmUnlockIMC
SdbGetTagFromTagID

user32

IsIconic
GetDlgItem
InvalidateRect
UnhookWindowsHookEx
GetParent
IsWindow
GetDC
ReleaseDC

ntdll

NtSetQuotaInformationFile
wcstoul

advapi32

GetTokenInformation
GetAce
AdjustTokenPrivileges
ControlService
CheckTokenMembership

ole32

CoUninitialize

netapi32

NetShareEnum

Exports

Exports

CreateProcessNotify
evenconf

Sections

.text
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

523b35f7d603a8ed69be1b5c6bc7bd2a

Headers

File Characteristics

Imports

kernel32

imguries

user32

ntdll

advapi32

ole32

netapi32

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 52KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 50KB - Virtual size: 52KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB