e3e170c3427eb2e39f13b74ae5f8e929cc5c6d30ccec4d695a95c1e7d36877ba

Sharing

Copy URL Twitter E-mail

General

Target

e3e170c3427eb2e39f13b74ae5f8e929cc5c6d30ccec4d695a95c1e7d36877ba
Size

136KB
MD5

02f5579ee856bcaf36e2ac58cd1789af
SHA1

875bb4c2a2200bafd743b69b9031d065e34c1e19
SHA256

e3e170c3427eb2e39f13b74ae5f8e929cc5c6d30ccec4d695a95c1e7d36877ba
SHA512

26e09479400fdd1d7cf69212c9e1055adfc0612289d5e9071b92f2faad78eb288cb95e006d696212f7b6b87529ce237c3d90b1e265b518a79ed44b9d1490431c
SSDEEP

3072:9VElIsUhJ41yWoKZu48nLkueydw/OVXm2pbALJ4p/yunu:9px+44YdrJvp8LJ+/l

Score

N/A

Malware Config

Signatures

Files

e3e170c3427eb2e39f13b74ae5f8e929cc5c6d30ccec4d695a95c1e7d36877ba
.dll windows x86

b7d8a5ebfc25ac707abecead4936135e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFileMappingA
GetVolumeInformationA
CreateEventA
CreateFileMappingA
EnterCriticalSection
InterlockedCompareExchange
GetTickCount
SetLastError
CopyFileA
LocalFree
HeapAlloc
InterlockedDecrement
WriteFile
GetComputerNameA
GetCommandLineA
GetProcAddress
InterlockedIncrement
GetLastError
WriteProcessMemory
CreateFileA
GlobalFree
CreateDirectoryA
GetCurrentProcess
HeapFree
MapViewOfFile
CreateMutexW
LoadLibraryA
LeaveCriticalSection
OpenEventA
Sleep
CreateProcessA
ReadProcessMemory
GetModuleFileNameA
GlobalAlloc
GetProcessHeap
ExitProcess
TerminateProcess
WaitForSingleObject
GetModuleHandleA
UnmapViewOfFile
CloseHandle

ole32

CoTaskMemAlloc
CoUninitialize
OleSetContainedObject
CoCreateGuid
CoSetProxyBlanket
OleCreate
CoInitialize
CoCreateInstance

user32

DestroyWindow
GetWindowThreadProcessId
SendMessageA
DefWindowProcA
RegisterWindowMessageA
GetCursorPos
FindWindowA
GetClassNameA
DispatchMessageA
GetWindow
CreateWindowExA
TranslateMessage
KillTimer
UnhookWindowsHookEx
PeekMessageA
GetSystemMetrics
SetWindowsHookExA
SetWindowLongA
GetMessageA
GetParent
SetTimer
ClientToScreen
ScreenToClient
PostQuitMessage
GetWindowLongA

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

DuplicateTokenEx
RegDeleteValueA
GetUserNameA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
SetTokenInformation
OpenProcessToken

shell32

SHGetFolderPathA

Exports

Exports

HpCommsCres

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7d8a5ebfc25ac707abecead4936135e

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB