bb9816d10b63258d105838532a23d4464ec3557e55fe33ff2e29fb7cae8957ee

Sharing

Copy URL Twitter E-mail

General

Target

bb9816d10b63258d105838532a23d4464ec3557e55fe33ff2e29fb7cae8957ee
Size

148KB
MD5

52274738b367988cbfc244224b428a0c
SHA1

3a066c0f4507ff928c461ab064f301323f040edb
SHA256

bb9816d10b63258d105838532a23d4464ec3557e55fe33ff2e29fb7cae8957ee
SHA512

d943f658c1626a7b0263d59c33cf3c0c63b43c44f6892b71887d7b7424f25676e95652e10f6a42ca54658aa941de69899d71c7fc0ab0b0630a17e88d73651f5f
SSDEEP

3072:H4OuJL9pI8xrsQs3k7UCB3b0N8NTkGvnwMs8BGPU9bN85cv3UzjkeaX:xYr5Ls3k7jIGvnwFX2XPUz9aX

Score

N/A

Malware Config

Signatures

Files

bb9816d10b63258d105838532a23d4464ec3557e55fe33ff2e29fb7cae8957ee
.dll windows x86

fd56167fbd9752c16c3fd6b1b541aa8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
LeaveCriticalSection
OpenEventA
GetVolumeInformationA
GetTickCount
GlobalAlloc
Sleep
CreateFileA
GetCommandLineA
TerminateProcess
CreateDirectoryA
GetModuleHandleA
GetProcessHeap
LoadLibraryA
HeapFree
HeapAlloc
MapViewOfFile
CloseHandle
GetProcAddress
EnterCriticalSection
CreateProcessA
GetModuleFileNameA
CopyFileA
WriteProcessMemory
ReadProcessMemory
SetLastError
CreateFileMappingA
CreateMutexW
InterlockedCompareExchange
InterlockedIncrement
OpenFileMappingA
CreateEventA
GetLastError
GetCurrentProcess
UnmapViewOfFile
GlobalFree
GetComputerNameA
WriteFile
InterlockedDecrement
LocalFree
WaitForSingleObject

ole32

CoSetProxyBlanket
CoUninitialize
CoCreateGuid
OleSetContainedObject
CoTaskMemAlloc
CoInitialize
OleCreate
CoCreateInstance

user32

GetWindow
UnhookWindowsHookEx
GetWindowThreadProcessId
GetParent
DispatchMessageA
GetCursorPos
FindWindowA
GetWindowLongA
ClientToScreen
DestroyWindow
GetClassNameA
KillTimer
GetMessageA
TranslateMessage
SetWindowsHookExA
ScreenToClient
PostQuitMessage
PeekMessageA
DefWindowProcA
RegisterWindowMessageA
SendMessageA
GetSystemMetrics
SetWindowLongA
SetTimer
CreateWindowExA

oleaut32

SysFreeString
SysAllocString
SysStringLen
SysAllocStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegDeleteKeyA
SetTokenInformation
GetUserNameA
RegCreateKeyExA
RegSetValueExA
OpenProcessToken
DuplicateTokenEx
RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegCloseKey

shell32

SHGetFolderPathA

Exports

Exports

CRLHelpHelper

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aag
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd56167fbd9752c16c3fd6b1b541aa8e

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 952B

aag Size: 4KB - Virtual size: 12B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 952B

aag
Size: 4KB - Virtual size: 12B

.reloc
Size: 8KB - Virtual size: 6KB