4320213cc778bcb3531caa474f61fab3e4d8e19af26a7aeb510fb30b63deb188

Sharing

Copy URL Twitter E-mail

General

Target

4320213cc778bcb3531caa474f61fab3e4d8e19af26a7aeb510fb30b63deb188
Size

348KB
MD5

53340441692ea231df46eb88b1cba29d
SHA1

6b52ad64349e82f92d3bcc230a6f2abed15a7ab0
SHA256

4320213cc778bcb3531caa474f61fab3e4d8e19af26a7aeb510fb30b63deb188
SHA512

9fe2c960ddf156204a6bb4eaf56b1a0af69e43d2e1d6e91786ee19ae11bdfe3c10dfaab4a3129d3437b81627e39349d3fbc3e52ac04b773ad3274d494bb8d3b0
SSDEEP

6144:WGg1WH9z47lU1OwI/quJwDQDesJFnTD7C1iAS0pFXXCquVMmq+TE:WGm/MOtDeoFTnC1PS0TCquVJ

Score

N/A

Malware Config

Signatures

Files

4320213cc778bcb3531caa474f61fab3e4d8e19af26a7aeb510fb30b63deb188
.exe windows x86

8a3bf11bb143dfce645603ac25106e6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfW
UnregisterClassA

advapi32

OpenProcessToken
GetLengthSid
OpenThreadToken
IsValidSid
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
GetTokenInformation
SetThreadToken
EqualSid
CopySid

shell32

SHGetFolderPathW
SHGetMalloc
SHGetDesktopFolder

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

CreateEventW
ReadFile
FindResourceW
FormatMessageW
CloseHandle
FindVolumeMountPointClose
HeapFree
CreateFileW
IsDebuggerPresent
GetVolumeNameForVolumeMountPointW
LoadResource
WaitForMultipleObjects
LeaveCriticalSection
GetFileSize
HeapAlloc
ResumeThread
SetLastError
GetLogicalDriveStringsW
SetThreadLocale
GetSystemInfo
GetVolumePathNameW
HeapSize
GetACP
FindClose
SetFileAttributesW
WaitForSingleObject
WriteFile
GetModuleHandleW
GetFileType
FindFirstFileW
HeapDestroy
SizeofResource
GetLongPathNameW
SetUnhandledExceptionFilter
HeapReAlloc
DeviceIoControl
BackupRead
UnhandledExceptionFilter
FindNextFileW
DeleteFileW
GetSystemTimeAsFileTime
GetCurrentThreadId
FreeLibrary
RaiseException
FileTimeToSystemTime
FindResourceExW
BackupSeek
SetFilePointer
FindNextVolumeMountPointW
LockResource
GetFileInformationByHandle
WideCharToMultiByte
GetDriveTypeW
DeleteCriticalSection
GetProcessHeap
FindFirstVolumeMountPointW
EnterCriticalSection
lstrlenW
lstrlenA
MoveFileW
CreateDirectoryW
GetThreadLocale
GetFullPathNameW
VirtualAlloc

oleaut32

LoadTypeLi
SystemTimeToVariantTime
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayUnlock
SysStringByteLen
SafeArrayUnaccessData
VariantChangeType
SafeArrayAccessData
SafeArrayGetUBound
SysFreeString
SysStringLen
VariantInit
VarBstrCat
VarBstrCmp
SafeArrayRedim
SafeArrayLock
SafeArrayGetVartype
VariantCopy
SafeArrayCopy
VarUdateFromDate
SafeArrayGetElemsize
SafeArrayDestroy
SysAllocStringLen
SafeArrayCreate
LoadRegTypeLi
VariantTimeToSystemTime
SysAllocString
SysAllocStringByteLen
GetErrorInfo
VariantClear
VariantCopyInd

ole32

CoCreateInstance
CoImpersonateClient
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoGetCallContext
CoRevertToSelf

shlwapi

PathAppendW
StrRetToStrW

userenv

UnloadUserProfile

cmutil

CmAtolA
CmLoadImageA
SzToWzWithAlloc
GetOSBuildNumber
CmEndOfStrW
CmParsePathW

kbdhe319

KbdLayerDescriptor

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a3bf11bb143dfce645603ac25106e6b

Headers

File Characteristics

Imports

user32

advapi32

shell32

version

kernel32

oleaut32

ole32

shlwapi

userenv

cmutil

kbdhe319

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 314KB - Virtual size: 1.2MB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 314KB - Virtual size: 1.2MB

.rsrc
Size: 512B - Virtual size: 4KB