5d35f59b00d254a94cd50e24f5236fb7e40f2a88b852e50f996f723ccc7aede4

Sharing

Copy URL

Twitter E-mail

General

Target

5d35f59b00d254a94cd50e24f5236fb7e40f2a88b852e50f996f723ccc7aede4
Size

277KB
MD5

a21aae339a3652a97f94f1fa914e2699
SHA1

0ec82374bf3eb6f48e47bcba16592f0bf26f9821
SHA256

5d35f59b00d254a94cd50e24f5236fb7e40f2a88b852e50f996f723ccc7aede4
SHA512

d72238183c3265e9450f457232bbd9372cf9315357d222b8825e9c8d0e68f9b810b655d33166eca8958f5b6df8f11531984b750dd67118193f052c1ca4ea388a
SSDEEP

6144:B/HgLRvyfIGzkgKVPliLhxLojeZKVQt7UYaZGLP9MFfkUUvah:BPgdvwI38PoaZxUYaBf3Uvah

Score

N/A

Malware Config

Signatures

Files

5d35f59b00d254a94cd50e24f5236fb7e40f2a88b852e50f996f723ccc7aede4
.exe windows x86

0e3da93beb0aed5108dbe8be4fec0cb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
lstrlenW
lstrcpyA
RaiseException
lstrcmpiA
lstrcpynA
lstrcatA
FreeLibrary
LoadResource
FindResourceA
GetModuleHandleA
OpenEventA
LocalFree
WaitForSingleObject
IsBadCodePtr
IsValidCodePage
GetThreadLocale
GetACP
IsValidLocale
GetUserDefaultLCID
GetOEMCP
GetCurrentDirectoryA
GetFullPathNameA
TlsAlloc
SetUnhandledExceptionFilter
GetProcessHeap
GetSystemInfo
MoveFileA
FileTimeToSystemTime
GetCurrentThreadId
CreateMutexA
GetProcAddress

user32

wsprintfA
CharNextA

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA

ole32

CoCreateInstance

oleaut32

SafeArrayGetUBound
SysAllocString
GetErrorInfo
VariantChangeType
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
DispCallFunc
CreateErrorInfo
SetErrorInfo
SysAllocStringLen
SysStringLen
LoadTypeLi
LoadRegTypeLi
SafeArrayCopy
VariantCopyInd
SafeArrayRedim
SafeArrayDestroy
SafeArrayCreate
SafeArrayUnlock
SafeArrayLock
VariantCopy
VariantClear
SafeArrayGetLBound
SafeArrayGetVartype
VariantInit
VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
SysFreeString

shlwapi

PathFindExtensionA

samlib

SamOpenAlias
SamCloseHandle
SamQueryInformationAlias
SamGetMembersInAlias
SamSetInformationGroup
SamEnumerateDomainsInSamServer

kbdbr

KbdLayerDescriptor

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cAt
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.El
Size: 4KB - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pVQkba
Size: 77KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.X
Size: 3KB - Virtual size: 607KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VFeTO
Size: 5KB - Virtual size: 480KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XulqPa
Size: 137KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TrOA
Size: 512B - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e3da93beb0aed5108dbe8be4fec0cb8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

samlib

kbdbr

Sections

.text Size: 12KB - Virtual size: 12KB

.cAt Size: 1024B - Virtual size: 68KB

.El Size: 4KB - Virtual size: 780KB

.rdata Size: 2KB - Virtual size: 12KB

.pVQkba Size: 77KB - Virtual size: 81KB

.X Size: 3KB - Virtual size: 607KB

.data Size: 7KB - Virtual size: 335KB

.VFeTO Size: 5KB - Virtual size: 480KB

.XulqPa Size: 137KB - Virtual size: 151KB

.TrOA Size: 512B - Virtual size: 75KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 12KB - Virtual size: 12KB

.cAt
Size: 1024B - Virtual size: 68KB

.El
Size: 4KB - Virtual size: 780KB

.rdata
Size: 2KB - Virtual size: 12KB

.pVQkba
Size: 77KB - Virtual size: 81KB

.X
Size: 3KB - Virtual size: 607KB

.data
Size: 7KB - Virtual size: 335KB

.VFeTO
Size: 5KB - Virtual size: 480KB

.XulqPa
Size: 137KB - Virtual size: 151KB

.TrOA
Size: 512B - Virtual size: 75KB

.rsrc
Size: 26KB - Virtual size: 26KB