a6185b5984b3664048abab23991cb1675f8b419a3138d26e7cdd1abd228d14e6

Sharing

Copy URL

Twitter E-mail

General

Target

a6185b5984b3664048abab23991cb1675f8b419a3138d26e7cdd1abd228d14e6
Size

300KB
MD5

4d337daaa91a4bc7787b3ce07070b786
SHA1

7ec5437f7345f3f02ba777ef786e63d71e33b8b6
SHA256

a6185b5984b3664048abab23991cb1675f8b419a3138d26e7cdd1abd228d14e6
SHA512

cbf92bb46c30d10930e4055e2053779dc6be2d406d52e34f848d3dd78bbb61b9d132b20f09e4f39ddbb601ede53213dd375055c35102f68bf6c80a8c551ea53a
SSDEEP

6144:UopuLTHJYrq3dRiHuHH88uXwK/9ORAKA6hLQbQRF+D:TUTGu3dRakDq/8bRQboc

Score

N/A

Malware Config

Signatures

Files

a6185b5984b3664048abab23991cb1675f8b419a3138d26e7cdd1abd228d14e6
.dll windows x86

09037545a053e59e78851e95449c522b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GlobalAlloc
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
GetACP
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadResource
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RtlUnwind
SetHandleCount
SetLastError
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA
lstrlenW
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection

advapi32

RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

ole32

StringFromGUID2
CreateDataAdviseHolder
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance

user32

CallNextHookEx
CharNextA
CharNextW
CreateDialogParamA
DestroyWindow
EnumDisplaySettingsA
GetForegroundWindow
GetParent
GetSystemMetrics
GetWindowLongA
GetWindowRect
IsIconic
IsWindowVisible
IsZoomed
MoveWindow
RegisterClipboardFormatA
SetFocus
SetWindowsHookExA
ShowWindow
UnhookWindowsHookEx

oleaut32

VariantClear
VarUI4FromStr
UnRegisterTypeLi
SysStringLen
SysFreeString
SysAllocString
RegisterTypeLi
LoadTypeLi

Exports

Exports

ClearWeakRefs
Compile
Long_FromUnicode
_mystricmp
vInitA

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09037545a053e59e78851e95449c522b

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

user32

oleaut32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 146KB - Virtual size: 145KB

.data Size: 35KB - Virtual size: 35KB

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 146KB - Virtual size: 145KB

.data
Size: 35KB - Virtual size: 35KB

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 4KB - Virtual size: 3KB