7885f1995ff1f20b88c4bef1c8108b83d9b3a2b0ac86596bbd89b1e7370b47b4

Sharing

Copy URL Twitter E-mail

General

Target

7885f1995ff1f20b88c4bef1c8108b83d9b3a2b0ac86596bbd89b1e7370b47b4
Size

308KB
MD5

1042f3ceda5425704a41b452ab9796b5
SHA1

9d8c23e513cbb953fe9c027043b37103db42d983
SHA256

7885f1995ff1f20b88c4bef1c8108b83d9b3a2b0ac86596bbd89b1e7370b47b4
SHA512

375395cba43d46cc7b3aba51763fa4160e341987b7095bb43483b41c5f07944457d3ca6d22bc83e9448c7a735989359be2fc8e6d7fdbc5eaf8997ca0a3b943e3
SSDEEP

6144:5rqk6h1AA1X3pwZmTT4VU9vKbURF/AD+8K05aR7MjP1Kqlto:5QIMmZmTmGFqKeP

Score

N/A

Malware Config

Signatures

Files

7885f1995ff1f20b88c4bef1c8108b83d9b3a2b0ac86596bbd89b1e7370b47b4
.exe windows x86

58d7450aff38800352dfe0135e2703b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoCreateInstance
CLSIDFromString
CoInitialize
ProgIDFromCLSID
CLSIDFromProgID
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2

kernel32

RaiseException
GetFileTime
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
FindClose
lstrlenW
IsDebuggerPresent
CreateFileMappingW
GetSystemInfo
GetUserDefaultUILanguage
LockFileEx
GetACP
lstrlenA
VirtualQuery
VirtualAlloc
LoadLibraryExW
GetModuleHandleW
WriteFile
CloseHandle
SetFileTime
SetLastError
OpenProcess
ReleaseSemaphore
SetUnhandledExceptionFilter
FormatMessageW
SwitchToThread
UnmapViewOfFile
GetSystemTimeAsFileTime
ReadFile
GetFileSize
MapViewOfFileEx
MapViewOfFile
GetFileAttributesExW
LocalAlloc
DeleteCriticalSection
FindNextFileW
GetLongPathNameW
VirtualFree
LCMapStringW
SetProcessWorkingSetSize
LoadResource
UnhandledExceptionFilter
SetFilePointer
UnlockFileEx
CreateFileW
GetFileType
ReleaseMutex
GetConsoleOutputCP
lstrcmpiW
FindFirstFileW
GetShortPathNameW
FindResourceW
FreeLibrary
OpenFileMappingW
GetCurrentThreadId
GetComputerNameW
GetConsoleMode
IsProcessorFeaturePresent
SizeofResource
InitializeCriticalSectionAndSpinCount
CreateSemaphoreW
VirtualAllocEx

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
CryptDestroyHash
CryptGetHashParam
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
CryptAcquireContextW
RegEnumKeyExW
CryptCreateHash
CryptHashData
CryptGenRandom
RegCloseKey
CryptReleaseContext

comctl32

CreateStatusWindow
ImageList_SetBkColor
CreatePropertySheetPageA
LBItemFromPt
ImageList_Copy
ImageList_Remove
GetEffectiveClientRect
ImageList_Replace
CreateStatusWindowW
ImageList_BeginDrag

user32

SetWindowLongW

kbdmon

KbdLayerDescriptor

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 45KB - Virtual size: 727KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 167KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 701KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58d7450aff38800352dfe0135e2703b6

Headers

File Characteristics

Imports

ole32

kernel32

advapi32

comctl32

user32

kbdmon

Sections

.text Size: 16KB - Virtual size: 15KB

.bss Size: 45KB - Virtual size: 727KB

.reloc Size: 167KB - Virtual size: 567KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 65KB - Virtual size: 701KB

.rsrc Size: 10KB - Virtual size: 21KB

.text
Size: 16KB - Virtual size: 15KB

.bss
Size: 45KB - Virtual size: 727KB

.reloc
Size: 167KB - Virtual size: 567KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 65KB - Virtual size: 701KB

.rsrc
Size: 10KB - Virtual size: 21KB