8b78b157e4f19c7f1289d60e26f07896bb7855f89e6896d66b1d6e4d49bbbd9a

Sharing

Copy URL Twitter E-mail

General

Target

8b78b157e4f19c7f1289d60e26f07896bb7855f89e6896d66b1d6e4d49bbbd9a
Size

156KB
MD5

b79af4df34a09b6ca7af9c1701e3c9c3
SHA1

1b3648ad6ceb874dbae1eeace53bc8033f5d0d58
SHA256

8b78b157e4f19c7f1289d60e26f07896bb7855f89e6896d66b1d6e4d49bbbd9a
SHA512

90e5ec2add8b5010cee6c31c63698e77fdafe00ef79f461952d362f1abe276577bacd7e072229dcad607310bf9b2b4c29a1243c39d2a785bfbfe553715ebe2d1
SSDEEP

3072:z3nD1FiBYZEwa6Wrwtfm5emavbLyrqVjEC6iUk1noPvlFMl+srLjFl/4G:zhFaiPm5envbLKqOC6iUYoPNFWHH/

Score

N/A

Malware Config

Signatures

Files

8b78b157e4f19c7f1289d60e26f07896bb7855f89e6896d66b1d6e4d49bbbd9a
.dll windows x86

082183c8325880e0d73d24898589805f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GetVolumeInformationA
GetCommandLineA
MapViewOfFile
TerminateProcess
GetProcAddress
CreateMutexW
GetModuleFileNameA
ReadProcessMemory
EnterCriticalSection
GetLastError
GetProcessHeap
LeaveCriticalSection
GetComputerNameA
SetLastError
WriteProcessMemory
CreateDirectoryA
GetTickCount
CloseHandle
CreateFileA
Sleep
UnmapViewOfFile
HeapAlloc
InterlockedCompareExchange
InterlockedIncrement
CreateProcessA
OpenEventA
WaitForSingleObject
InterlockedDecrement
GetCurrentProcess
OpenFileMappingA
LocalFree
ExitProcess
LoadLibraryA
GlobalAlloc
HeapFree
GlobalFree
CreateEventA
CreateFileMappingA
WriteFile
GetModuleHandleA

ole32

CoInitialize
CoUninitialize
OleCreate
CoTaskMemAlloc
CoCreateInstance
OleSetContainedObject
CoSetProxyBlanket
CoCreateGuid

user32

UnhookWindowsHookEx
DispatchMessageA
PostQuitMessage
GetCursorPos
PeekMessageA
GetWindowThreadProcessId
DefWindowProcA
GetMessageA
ScreenToClient
ClientToScreen
SetWindowsHookExA
SetTimer
FindWindowA
KillTimer
CreateWindowExA
GetWindow
GetParent
GetSystemMetrics
GetWindowLongA
SetWindowLongA
RegisterWindowMessageA
TranslateMessage
SendMessageA
GetClassNameA
DestroyWindow

oleaut32

SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegQueryValueExA
RegDeleteKeyA
DuplicateTokenEx
RegCloseKey
OpenProcessToken
RegSetValueExA
GetUserNameA
SetTokenInformation
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA

shell32

SHGetFolderPathA

Exports

Exports

UtilMouseUsb

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 937B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

082183c8325880e0d73d24898589805f

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 124KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 937B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 128KB - Virtual size: 124KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 937B

.reloc
Size: 8KB - Virtual size: 6KB