8450495e4aa84130ee196f3639c8619e69f4c480063f70f88f24dd2991194098

Sharing

Copy URL

Twitter E-mail

General

Target

8450495e4aa84130ee196f3639c8619e69f4c480063f70f88f24dd2991194098
Size

253KB
MD5

b3b2004e92d6141bf9a6f71394723dc1
SHA1

c71da1207b2b740c2004a17a192fc990a2cd703d
SHA256

8450495e4aa84130ee196f3639c8619e69f4c480063f70f88f24dd2991194098
SHA512

d558d7bad846723fbf7ed7e41d4430528411170703cfcd0dd02bed45b8bcdf3ec824770bd571e0c0f30e7f434c2969c3a3eb2f25a1ce1943583097d5fd551e8f
SSDEEP

6144:E/wbFgTi2RsbXzeLjzOg/QQR9AXJChcl5hDfKJ39y9q+SvpY:E/wpxXMzfQQRqXiE5hjKneX

Score

N/A

Malware Config

Signatures

Files

8450495e4aa84130ee196f3639c8619e69f4c480063f70f88f24dd2991194098
.exe windows x86

14c048ca2549ef825dac05a49522f504

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarUI4FromStr
SysFreeString
SysStringLen
SysAllocStringByteLen
LoadTypeLi
VariantClear
OleCreatePropertyFrame
DispCallFunc
RegisterTypeLi
LoadRegTypeLi
SysAllocString
UnRegisterTypeLi
SysStringByteLen
VariantInit
VariantChangeType
VariantCopy

advapi32

RegQueryInfoKeyA
RegOpenCurrentUser
RegQueryValueExA
RegQueryValueExW
RegDeleteValueA
RegSetValueExA
RegOpenKeyExW
RegCloseKey
RegOpenKeyA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA

gdi32

CreateMetaFileA
RestoreDC
CreateRectRgnIndirect
SetWindowExtEx
GetDeviceCaps
CloseMetaFile
SetWindowOrgEx
SetTextAlign
SaveDC
SetViewportOrgEx
LPtoDP
DeleteMetaFile
DeleteDC
TextOutA
CreateDCA
SetMapMode

kernel32

TerminateThread
SetFilePointer
CreateFileW
MulDiv
lstrcpyA
FlushFileBuffers
SetHandleCount
HeapSize
FindClose
GetCurrentThreadId
DeleteFileW
CreateMutexA
lstrlenW
GetACP
FreeEnvironmentStringsW
GetConsoleMode
IsDebuggerPresent
WriteConsoleA
LoadLibraryExA
GetFileType
TlsAlloc
LoadResource
RtlUnwind
VirtualQuery
GetTempPathA
FindFirstFileA
HeapAlloc
WaitForMultipleObjects
CreateThread
WritePrivateProfileStringA
GlobalAlloc
FindNextFileA
GetConsoleOutputCP
FindResourceA
GlobalUnlock
TlsFree
CreateEventA
LCMapStringA
LCMapStringW
OutputDebugStringA
CloseHandle
ReleaseMutex
LeaveCriticalSection
CreateMutexW
TlsGetValue
lstrlenA
WideCharToMultiByte
FlushInstructionCache
UnhandledExceptionFilter
WaitForSingleObjectEx
GetSystemInfo
RaiseException
VirtualFree
GetProcessHeap
GetLocalTime
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
lstrcatA
TlsSetValue
GetStdHandle
VirtualProtect
DeleteFileA
CreateFileA
FreeLibrary
lstrcmpiA
GetThreadLocale
GetConsoleCP
ReadFile
SizeofResource
CreateDirectoryW
WaitForSingleObject
HeapDestroy
GetTempFileNameW
HeapFree
FreeEnvironmentStringsA
SetLastError
GetCommandLineA
IsValidCodePage
WriteFile
HeapReAlloc
GetTempPathW
lstrcmpA
EnterCriticalSection
GlobalLock
SetStdHandle
GetOEMCP
GetSystemTimeAsFileTime
WriteConsoleW
SetFileAttributesA
IsDBCSLeadByte
GetModuleHandleA
VirtualAlloc
DeleteCriticalSection
VirtualAllocEx

ole32

OleLoadFromStream
CreateOleAdviseHolder
OleRegEnumVerbs
CoTaskMemAlloc
CoTaskMemRealloc
OleSaveToStream
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CoCreateInstance
WriteClassStm
CoTaskMemFree
StringFromGUID2

user32

PtInRect
UnionRect
SetWindowRgn
ShowWindow
GetKeyState
GetFocus
IntersectRect
GetParent
UnregisterClassA
ReleaseDC
DefWindowProcA
GetDC
SetFocus
SetWindowLongA
SetWindowPos
EqualRect
IsChild
CallWindowProcA
InvalidateRect
IsWindow
GetClientRect
MessageBoxA
CharNextA
DestroyWindow
wsprintfA
SetCursor
GetWindowLongA
LoadCursorA
OffsetRect
GetForegroundWindow

userenv

GetProfileType
FreeGPOListW
WaitForMachinePolicyForegroundProcessing
GetProfilesDirectoryA
GetUserProfileDirectoryW

hid

HidP_GetUsagesEx
HidD_SetNumInputBuffers
HidP_SetData

Sections

.odoAZe
Size: 512B - Virtual size: 11KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crSJqh
Size: 512B - Virtual size: 129B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DzSbgkk
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QaOyz
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hJNfQ
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OyWUf
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cGSFKO
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

14c048ca2549ef825dac05a49522f504

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

advapi32

gdi32

kernel32

ole32

user32

userenv

hid

Sections

.odoAZe Size: 512B - Virtual size: 11KB

.text Size: 19KB - Virtual size: 18KB

.crSJqh Size: 512B - Virtual size: 129B

.DzSbgkk Size: 3KB - Virtual size: 2KB

.QaOyz Size: 2KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 304KB

.rdata Size: 210KB - Virtual size: 210KB

.hJNfQ Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.OyWUf Size: 1024B - Virtual size: 760B

.cGSFKO Size: 2KB - Virtual size: 2KB

.odoAZe
Size: 512B - Virtual size: 11KB

.text
Size: 19KB - Virtual size: 18KB

.crSJqh
Size: 512B - Virtual size: 129B

.DzSbgkk
Size: 3KB - Virtual size: 2KB

.QaOyz
Size: 2KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 304KB

.rdata
Size: 210KB - Virtual size: 210KB

.hJNfQ
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.OyWUf
Size: 1024B - Virtual size: 760B

.cGSFKO
Size: 2KB - Virtual size: 2KB