e9c56a4e2ad3f6d6e347ae77b80c28fbc080f51ed41a67a6fa1459488012accd

Sharing

Copy URL Twitter E-mail

General

Target

e9c56a4e2ad3f6d6e347ae77b80c28fbc080f51ed41a67a6fa1459488012accd
Size

148KB
MD5

c8570f1f924723d4249fc2cda08b4683
SHA1

9c996b13c0f568a57cfd6c80b17afea16b030cad
SHA256

e9c56a4e2ad3f6d6e347ae77b80c28fbc080f51ed41a67a6fa1459488012accd
SHA512

74f39b10060d08cfdcc62bf0b7810e506d560f23f6a9cb3aef4faf86363567ee80d8c0d58e34b249cfbc9605fd1e23746387690e4d549531acc5ca964700a23e
SSDEEP

3072:5V9morbH0NcuL3BIlBsrdULrDWnp69Mgi7nH5o0Kv:jooPVu+7rrDW8HiKv

Score

N/A

Malware Config

Signatures

Files

e9c56a4e2ad3f6d6e347ae77b80c28fbc080f51ed41a67a6fa1459488012accd
.dll windows x86

006eac627c5f0ea454ad3e12cb416b62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
OpenFileMappingA
GlobalFree
CreateFileA
ReadProcessMemory
CreateDirectoryA
EnterCriticalSection
CopyFileA
Sleep
GetModuleFileNameA
CloseHandle
CreateMutexW
LoadLibraryA
LeaveCriticalSection
GetCommandLineA
TerminateProcess
ExitProcess
GetProcessHeap
GetVolumeInformationA
GetTickCount
CreateFileMappingA
InterlockedCompareExchange
WriteFile
CreateProcessA
LocalFree
GetLastError
GetModuleHandleA
GetProcAddress
GetComputerNameA
CreateEventA
WriteProcessMemory
OpenEventA
HeapAlloc
HeapFree
UnmapViewOfFile
SetLastError
GlobalAlloc
GetCurrentProcess

ole32

OleSetContainedObject
OleCreate
CoInitialize
CoTaskMemAlloc
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoCreateGuid

user32

KillTimer
GetWindow
GetMessageA
GetWindowLongA
TranslateMessage
GetWindowThreadProcessId
PeekMessageA
GetClassNameA
DefWindowProcA
SetWindowLongA
SetWindowsHookExA
SetTimer
FindWindowA
DispatchMessageA
GetParent
ClientToScreen
GetCursorPos
CreateWindowExA
UnhookWindowsHookEx
RegisterWindowMessageA
GetSystemMetrics
DestroyWindow
PostQuitMessage
ScreenToClient
SendMessageA

oleaut32

SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
GetUserNameA
RegCreateKeyExA
OpenProcessToken
RegDeleteValueA
SetTokenInformation
DuplicateTokenEx

shell32

SHGetFolderPathA

Exports

Exports

usrcfgWan

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

006eac627c5f0ea454ad3e12cb416b62

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB