ed15b99509f35336ff6c5bf93c82d6dd0349fb101625e1e52a4f09d262259ea1

Sharing

Copy URL Twitter E-mail

General

Target

ed15b99509f35336ff6c5bf93c82d6dd0349fb101625e1e52a4f09d262259ea1
Size

144KB
MD5

f5f8c8396e42fa261ca1da0f1d7acaa0
SHA1

a56ed32c6e648a9027fc36fc3fc90db8be3f2973
SHA256

ed15b99509f35336ff6c5bf93c82d6dd0349fb101625e1e52a4f09d262259ea1
SHA512

edf349d8e7f9e94f701e4968be638f944e393dca360f6a855718518fc059ecc5f926cf45477c3b57e7737e22e171e2ac39701e35c40109d1ee745298325754be
SSDEEP

3072:X2IkdCozTML7N3LGqrJT1ZHOyx5WpoZjlFL0uMilQL61:XPQYV3pTX3UgQElB1

Score

N/A

Malware Config

Signatures

Files

ed15b99509f35336ff6c5bf93c82d6dd0349fb101625e1e52a4f09d262259ea1
.dll windows x86

876bc8aaf1366d86218c04a2c9001400

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcessHeap
GetCurrentProcess
LocalFree
TerminateProcess
OpenFileMappingA
GetLastError
Sleep
CreateFileMappingA
GetComputerNameA
WriteFile
CopyFileA
CloseHandle
OpenEventA
CreateEventA
InterlockedDecrement
GetVolumeInformationA
CreateFileA
GetModuleFileNameA
GetProcAddress
GlobalAlloc
ReadProcessMemory
UnmapViewOfFile
HeapFree
HeapAlloc
CreateMutexW
LeaveCriticalSection
SetLastError
InterlockedIncrement
GlobalFree
ExitProcess
CreateProcessA
GetTickCount
EnterCriticalSection
LoadLibraryA
MapViewOfFile
InterlockedCompareExchange
WriteProcessMemory
WaitForSingleObject
CreateDirectoryA
GetCommandLineA

ole32

CoCreateInstance
CoUninitialize
CoSetProxyBlanket
CoCreateGuid
CoTaskMemAlloc
OleSetContainedObject
CoInitialize
OleCreate

user32

ScreenToClient
PeekMessageA
DestroyWindow
GetWindow
SendMessageA
DispatchMessageA
GetMessageA
SetWindowLongA
SetTimer
GetParent
GetClassNameA
ClientToScreen
UnhookWindowsHookEx
GetWindowLongA
RegisterWindowMessageA
TranslateMessage
FindWindowA
CreateWindowExA
GetCursorPos
PostQuitMessage
KillTimer
DefWindowProcA
GetSystemMetrics
SetWindowsHookExA
GetWindowThreadProcessId
PostMessageA

oleaut32

SysFreeString
SysAllocStringLen
SysStringLen
SysAllocString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegQueryValueExA
SetTokenInformation
RegDeleteValueA
GetUserNameA
RegOpenKeyExA
OpenProcessToken
DuplicateTokenEx
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA

shell32

SHGetFolderPathA

Exports

Exports

ClipPathaudio

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

876bc8aaf1366d86218c04a2c9001400

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB