906ebed0269bd87024edaa5f0fd668d24d8fb7ff41fa5d4929e7908e9cbcaca4

Sharing

Copy URL Twitter E-mail

General

Target

906ebed0269bd87024edaa5f0fd668d24d8fb7ff41fa5d4929e7908e9cbcaca4
Size

148KB
MD5

450ea78d3e78999657bccf467cba637a
SHA1

b7dfb3a2b28a3a61ebb01f4ff401692c029eb0f7
SHA256

906ebed0269bd87024edaa5f0fd668d24d8fb7ff41fa5d4929e7908e9cbcaca4
SHA512

acbb70033fd1917e3d3a6c8323d5328a647f6686a5b6dc1920fccfb29db38ba93996762229645d149e924b961968c2c92e2faa423f39a34b20406e7316de5cae
SSDEEP

3072:5pIxuRr1ceNmoh2crT+kkPPgPCfgEZOyGM2UNTqPAPe/HOhsk4yUXx:5pI2ceAoiXPPLPZOyGM2UBph0yU

Score

N/A

Malware Config

Signatures

Files

906ebed0269bd87024edaa5f0fd668d24d8fb7ff41fa5d4929e7908e9cbcaca4
.dll windows x86

6d98e0624f00675a41a4e58093db3218

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
LoadLibraryA
InterlockedCompareExchange
LocalFree
OpenFileMappingA
SetLastError
TerminateProcess
GetProcAddress
ReadProcessMemory
MapViewOfFile
OpenEventA
UnmapViewOfFile
CreateFileMappingA
WriteProcessMemory
CreateFileA
GetTickCount
CreateEventA
CopyFileA
GetCurrentProcess
HeapAlloc
InterlockedIncrement
GlobalAlloc
GetProcessHeap
LeaveCriticalSection
GetVolumeInformationA
WriteFile
GetModuleFileNameA
Sleep
HeapFree
EnterCriticalSection
WaitForSingleObject
CreateProcessA
InterlockedDecrement
GlobalFree
CloseHandle
GetLastError
GetComputerNameA
CreateMutexW
GetModuleHandleA
CreateDirectoryA
GetCommandLineA

ole32

OleSetContainedObject
CoInitialize
CoSetProxyBlanket
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
CoUninitialize
OleCreate

user32

DestroyWindow
GetClassNameA
FindWindowA
GetWindowLongA
UnhookWindowsHookEx
SetWindowLongA
ScreenToClient
KillTimer
GetSystemMetrics
GetWindowThreadProcessId
GetWindow
GetParent
CreateWindowExA
GetCursorPos
GetMessageA
SetTimer
PostQuitMessage
RegisterWindowMessageA
PeekMessageA
TranslateMessage
DefWindowProcA
ClientToScreen
SendMessageA
SetWindowsHookExA
DispatchMessageA

oleaut32

SysFreeString
SysAllocStringLen
SysStringLen
SysAllocString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
DuplicateTokenEx
GetUserNameA
RegDeleteValueA
SetTokenInformation
OpenProcessToken
RegDeleteKeyA
RegCloseKey
RegSetValueExA

shell32

SHGetFolderPathA

Exports

Exports

mfcUserServices

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d98e0624f00675a41a4e58093db3218

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 948B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 948B

.reloc
Size: 8KB - Virtual size: 6KB