d2e6aa53e56e0df06a093a4733b1e54afea450377ac94f4b378139463c6701ec

Sharing

Copy URL Twitter E-mail

General

Target

d2e6aa53e56e0df06a093a4733b1e54afea450377ac94f4b378139463c6701ec
Size

308KB
MD5

8dd0132996f49f0a89d6a1a4ccf35ab2
SHA1

7c3038818db0de2fc8317d3dd5fae21b47ef7dac
SHA256

d2e6aa53e56e0df06a093a4733b1e54afea450377ac94f4b378139463c6701ec
SHA512

05b9917c95b2b0f9e3e6c36bc885c92bf1e01b108881987ff735a3c25905edc58a543ed65056e68e46f0f57fff7fc403f3639b86633fb481704e741df3c525d4
SSDEEP

6144:Erqk6h1AA1X3pwZmTT4VU9vKbURF/AD+8K05aR7MjP1Kqlto:EQIMmZmTmGFqKeP

Score

N/A

Malware Config

Signatures

Files

d2e6aa53e56e0df06a093a4733b1e54afea450377ac94f4b378139463c6701ec
.exe windows x86

58d7450aff38800352dfe0135e2703b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoCreateInstance
CLSIDFromString
CoInitialize
ProgIDFromCLSID
CLSIDFromProgID
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2

kernel32

RaiseException
GetFileTime
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
FindClose
lstrlenW
IsDebuggerPresent
CreateFileMappingW
GetSystemInfo
GetUserDefaultUILanguage
LockFileEx
GetACP
lstrlenA
VirtualQuery
VirtualAlloc
LoadLibraryExW
GetModuleHandleW
WriteFile
CloseHandle
SetFileTime
SetLastError
OpenProcess
ReleaseSemaphore
SetUnhandledExceptionFilter
FormatMessageW
SwitchToThread
UnmapViewOfFile
GetSystemTimeAsFileTime
ReadFile
GetFileSize
MapViewOfFileEx
MapViewOfFile
GetFileAttributesExW
LocalAlloc
DeleteCriticalSection
FindNextFileW
GetLongPathNameW
VirtualFree
LCMapStringW
SetProcessWorkingSetSize
LoadResource
UnhandledExceptionFilter
SetFilePointer
UnlockFileEx
CreateFileW
GetFileType
ReleaseMutex
GetConsoleOutputCP
lstrcmpiW
FindFirstFileW
GetShortPathNameW
FindResourceW
FreeLibrary
OpenFileMappingW
GetCurrentThreadId
GetComputerNameW
GetConsoleMode
IsProcessorFeaturePresent
SizeofResource
InitializeCriticalSectionAndSpinCount
CreateSemaphoreW
VirtualAllocEx

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
CryptDestroyHash
CryptGetHashParam
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
CryptAcquireContextW
RegEnumKeyExW
CryptCreateHash
CryptHashData
CryptGenRandom
RegCloseKey
CryptReleaseContext

comctl32

CreateStatusWindow
ImageList_SetBkColor
CreatePropertySheetPageA
LBItemFromPt
ImageList_Copy
ImageList_Remove
GetEffectiveClientRect
ImageList_Replace
CreateStatusWindowW
ImageList_BeginDrag

user32

SetWindowLongW

kbdmon

KbdLayerDescriptor

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 45KB - Virtual size: 727KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 167KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 701KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58d7450aff38800352dfe0135e2703b6

Headers

File Characteristics

Imports

ole32

kernel32

advapi32

comctl32

user32

kbdmon

Sections

.text Size: 16KB - Virtual size: 15KB

.bss Size: 45KB - Virtual size: 727KB

.reloc Size: 167KB - Virtual size: 567KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 65KB - Virtual size: 701KB

.rsrc Size: 10KB - Virtual size: 21KB

.text
Size: 16KB - Virtual size: 15KB

.bss
Size: 45KB - Virtual size: 727KB

.reloc
Size: 167KB - Virtual size: 567KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 65KB - Virtual size: 701KB

.rsrc
Size: 10KB - Virtual size: 21KB