eaffdaa3b379f4d88e1e7672a547248771d799a7f28bfa1e1aa7b657ce19d9cf

Sharing

Copy URL Twitter E-mail

General

Target

eaffdaa3b379f4d88e1e7672a547248771d799a7f28bfa1e1aa7b657ce19d9cf
Size

148KB
MD5

4c650c4c4443e2a45baab603b5426a4e
SHA1

d2a7570df93a0c6e742588cd66f8b793610e1700
SHA256

eaffdaa3b379f4d88e1e7672a547248771d799a7f28bfa1e1aa7b657ce19d9cf
SHA512

1f3dffcc941e00df429da6c711372c2065c66296d37324b01221740ff3e6673c985d9702b6cad0fba496398ef99e60ebdd0fff550a9d89f3a90831fea90f32c2
SSDEEP

3072:bxI3Mt1aCmdijVV72CQjicDbMPqpuZg1/x5Nh10aZiGUF7GhZUFA:bjaCGipxnQ2cnag1//NH7sGK7GHUq

Score

N/A

Malware Config

Signatures

Files

eaffdaa3b379f4d88e1e7672a547248771d799a7f28bfa1e1aa7b657ce19d9cf
.dll windows x86

f0ea7f6f2bcba4454a9be6a1ef922a4b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GetLastError
GetCommandLineA
EnterCriticalSection
GetModuleHandleA
ExitProcess
GetVolumeInformationA
CreateProcessA
GetComputerNameA
GetProcAddress
HeapFree
CreateFileMappingA
WriteProcessMemory
InterlockedIncrement
CreateEventA
InterlockedDecrement
UnmapViewOfFile
GlobalAlloc
CreateDirectoryA
LoadLibraryA
WaitForSingleObject
TerminateProcess
SetLastError
GetModuleFileNameA
CloseHandle
LocalFree
OpenFileMappingA
LeaveCriticalSection
ReadProcessMemory
HeapAlloc
WriteFile
CreateFileA
Sleep
GetCurrentProcess
MapViewOfFile
CreateMutexW
CopyFileA
InterlockedCompareExchange
GetTickCount
GetProcessHeap
OpenEventA

ole32

CoSetProxyBlanket
CoUninitialize
OleSetContainedObject
CoTaskMemAlloc
OleCreate
CoInitialize
CoCreateGuid
CoCreateInstance

user32

GetSystemMetrics
TranslateMessage
GetWindowLongA
KillTimer
DestroyWindow
GetCursorPos
ScreenToClient
FindWindowA
GetMessageA
CreateWindowExA
GetParent
SetTimer
GetWindowThreadProcessId
SetWindowLongA
GetWindow
DefWindowProcA
UnhookWindowsHookEx
PostQuitMessage
ClientToScreen
SetWindowsHookExA
SendMessageA
GetClassNameA
DispatchMessageA
RegisterWindowMessageA
PeekMessageA

oleaut32

SysFreeString
SysAllocString
SysStringLen
SysAllocStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

SetTokenInformation
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
OpenProcessToken
GetUserNameA
RegQueryValueExA
DuplicateTokenEx

shell32

SHGetFolderPathA

Exports

Exports

SmartcrtVdm

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wfbuqme
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0ea7f6f2bcba4454a9be6a1ef922a4b

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 113KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 960B

wfbuqme Size: 4KB - Virtual size: 4B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 960B

wfbuqme
Size: 4KB - Virtual size: 4B

.reloc
Size: 8KB - Virtual size: 6KB