eecde4838710ad48e116fa3f5b031ce930483e4e52094109c73e59b036d850a1

Sharing

Copy URL

Twitter E-mail

General

Target

eecde4838710ad48e116fa3f5b031ce930483e4e52094109c73e59b036d850a1
Size

152KB
MD5

3f70ff6b3700ba050dcb50c62e0f65ef
SHA1

62b7bb228ae247b278a56ee294cd48fb97c04cc2
SHA256

eecde4838710ad48e116fa3f5b031ce930483e4e52094109c73e59b036d850a1
SHA512

c5620c0d7a3335d80e3a7f813904271894cb0ea4c27184b2e340dfa180ff000293cd191f11a8d12ac8f18a943b274f4ec28bd5a241945cbea7272bb2b9528cb9
SSDEEP

3072:yxdzIsOzpM5o5hU+BCEan2l2VhRNZPgVik51oZ18C/:ybzIJzGHIC2OgVizZ1r

Score

N/A

Malware Config

Signatures

Files

eecde4838710ad48e116fa3f5b031ce930483e4e52094109c73e59b036d850a1
.dll windows x86

d34f9867a92fe0fa2a9c1915fc32558e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
LeaveCriticalSection
CloseHandle
CreateMutexW
CreateFileA
GetCurrentProcess
InterlockedIncrement
GetComputerNameA
ReadProcessMemory
WriteProcessMemory
GetCommandLineA
GlobalAlloc
GetProcAddress
InterlockedDecrement
GetModuleFileNameA
WriteFile
SetLastError
CopyFileA
EnterCriticalSection
InterlockedCompareExchange
UnmapViewOfFile
OpenEventA
CreateProcessA
HeapAlloc
TerminateProcess
GetVolumeInformationA
GetModuleHandleA
ExitProcess
CreateFileMappingA
GetProcessHeap
LoadLibraryA
OpenFileMappingA
CreateDirectoryA
GetTickCount
CreateEventA
MapViewOfFile
WaitForSingleObject
LocalFree
GetLastError
HeapFree
Sleep

ole32

OleCreate
CoTaskMemAlloc
OleSetContainedObject
CoInitialize
CoUninitialize
CoCreateInstance
CoCreateGuid
CoSetProxyBlanket

user32

ClientToScreen
GetWindowThreadProcessId
PeekMessageA
ScreenToClient
GetWindowLongA
DefWindowProcA
DispatchMessageA
GetParent
SetTimer
DestroyWindow
GetMessageA
KillTimer
GetSystemMetrics
TranslateMessage
FindWindowA
GetCursorPos
RegisterWindowMessageA
SetWindowsHookExA
PostQuitMessage
SetWindowLongA
GetClassNameA
GetWindow
CreateWindowExA
UnhookWindowsHookEx
SendMessageA

oleaut32

SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegSetValueExA
SetTokenInformation
RegDeleteKeyA
RegQueryValueExA
DuplicateTokenEx
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
GetUserNameA
RegDeleteValueA

shell32

SHGetFolderPathA

Exports

Exports

DfrgcfgPath

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ctyyu
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d34f9867a92fe0fa2a9c1915fc32558e

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 928B

ctyyu Size: 4KB - Virtual size: 12B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 928B

ctyyu
Size: 4KB - Virtual size: 12B

.reloc
Size: 8KB - Virtual size: 6KB