bb8e126c08dd808298cba919db90e05c6cdab8355c6f9db9772bf22c74dd289f

Sharing

Copy URL Twitter E-mail

General

Target

bb8e126c08dd808298cba919db90e05c6cdab8355c6f9db9772bf22c74dd289f
Size

140KB
MD5

c10adaf1eeaa06d21ef333f136abb7e1
SHA1

35e9aa42c9307ac772daa06dc523e55a98c0a0c4
SHA256

bb8e126c08dd808298cba919db90e05c6cdab8355c6f9db9772bf22c74dd289f
SHA512

50d0cadcb2b6240852efb4a3e390fdfd9e7ecfbd693ac8b0c85ff904193417e634bfac7fce1ca3c4a1158f84cf6dd9c68f4594e871f2bed2d42586cca0a9cec1
SSDEEP

3072:39F5cSRdTE11cKdeqFLnv7uIjkiapwAbbEts:39Zke+vYpBEG

Score

N/A

Malware Config

Signatures

Files

bb8e126c08dd808298cba919db90e05c6cdab8355c6f9db9772bf22c74dd289f
.dll windows x86

0efac674e6c90f43643c3eec0ffe02c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
MapViewOfFile
InterlockedIncrement
OpenFileMappingA
HeapAlloc
GetComputerNameA
CopyFileA
OpenEventA
CreateEventA
InterlockedCompareExchange
EnterCriticalSection
CreateDirectoryA
HeapFree
GetProcAddress
TerminateProcess
GetCommandLineA
Sleep
GetCurrentProcess
CreateMutexW
LoadLibraryA
CreateFileMappingA
SetLastError
ReadProcessMemory
InterlockedDecrement
GetModuleFileNameA
GetModuleHandleA
LeaveCriticalSection
GlobalFree
WaitForSingleObject
GetTickCount
GlobalAlloc
CreateProcessA
CreateFileA
GetProcessHeap
CloseHandle
WriteFile
ExitProcess
LocalFree
GetLastError
UnmapViewOfFile
WriteProcessMemory

ole32

CoSetProxyBlanket
CoInitialize
CoCreateInstance
OleCreate
CoUninitialize
CoCreateGuid
OleSetContainedObject
CoTaskMemAlloc

user32

SetTimer
SetWindowsHookExA
GetCursorPos
ScreenToClient
UnhookWindowsHookEx
GetWindowThreadProcessId
GetParent
DestroyWindow
TranslateMessage
PostQuitMessage
PeekMessageA
GetSystemMetrics
DefWindowProcA
GetWindowLongA
FindWindowA
GetClassNameA
CreateWindowExA
SendMessageA
SetWindowLongA
KillTimer
RegisterWindowMessageA
ClientToScreen
DispatchMessageA
GetMessageA
GetWindow

oleaut32

SysFreeString
SysAllocString
SysStringLen
SysAllocStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

GetUserNameA
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
OpenProcessToken
DuplicateTokenEx
RegDeleteKeyA
SetTokenInformation
RegOpenKeyExA

shell32

SHGetFolderPathA

Exports

Exports

syscfglink

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 969B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0efac674e6c90f43643c3eec0ffe02c1

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 969B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 969B

.reloc
Size: 8KB - Virtual size: 6KB