976176003c56724e2f00ccb94c07661fdcba7c5be6b499b1d0519979ebb504d6

Sharing

Copy URL Twitter E-mail

General

Target

976176003c56724e2f00ccb94c07661fdcba7c5be6b499b1d0519979ebb504d6
Size

152KB
MD5

83cd16226d2b0fe8a68c069a782aadd5
SHA1

7d9e2c28a50e128647dd90622aa22a177f978e12
SHA256

976176003c56724e2f00ccb94c07661fdcba7c5be6b499b1d0519979ebb504d6
SHA512

b766adc59cf381c3a8a9b3ad0b12d440a5982eaf1fa99e2fbc67a473fb8bf1065bf4c8cf0d2615ab9f9bb6fa5dafcad298b5a45ed0152f18fc3e075e1ebd1b15
SSDEEP

3072:JqMVW3Y1tW5XLrgln7A+ixJZAFQyY599aJy6hqJ8:DWaSdJGKyYNaYdJ

Score

N/A

Malware Config

Signatures

Files

976176003c56724e2f00ccb94c07661fdcba7c5be6b499b1d0519979ebb504d6
.dll windows x86

725076b02a65fd77063b7328ad3b1fb1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
WaitForSingleObject
CreateDirectoryA
CreateMutexW
GlobalFree
GlobalAlloc
GetTickCount
GetModuleFileNameA
MapViewOfFile
OpenFileMappingA
TerminateProcess
ReadProcessMemory
CreateProcessA
CreateFileA
GetProcAddress
ExitProcess
GetCurrentProcess
InterlockedDecrement
GetComputerNameA
HeapAlloc
WriteFile
CreateEventA
GetLastError
LeaveCriticalSection
UnmapViewOfFile
GetProcessHeap
LocalFree
SetLastError
InterlockedIncrement
GetCommandLineA
EnterCriticalSection
CreateFileMappingA
LoadLibraryA
HeapFree
Sleep
WriteProcessMemory
InterlockedCompareExchange
GetVolumeInformationA
GetModuleHandleA
OpenEventA
CloseHandle

ole32

CoTaskMemAlloc
CoUninitialize
CoInitialize
OleCreate
CoSetProxyBlanket
CoCreateGuid
CoCreateInstance
OleSetContainedObject

user32

ClientToScreen
SetWindowsHookExA
FindWindowA
GetSystemMetrics
GetWindowLongA
DefWindowProcA
DestroyWindow
GetCursorPos
DispatchMessageA
ScreenToClient
PeekMessageA
SetTimer
GetClassNameA
RegisterWindowMessageA
SendMessageA
PostQuitMessage
KillTimer
GetWindow
TranslateMessage
SetWindowLongA
UnhookWindowsHookEx
CreateWindowExA
GetMessageA
GetParent
GetWindowThreadProcessId

oleaut32

SysAllocStringLen
SysStringLen
SysFreeString
SysAllocString

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegDeleteKeyA
RegDeleteValueA
SetTokenInformation
RegOpenKeyExA
GetUserNameA
RegCreateKeyExA
RegQueryValueExA
OpenProcessToken
RegSetValueExA
RegCloseKey
DuplicateTokenEx

shell32

SHGetFolderPathA

Exports

Exports

CdCommsclass

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

725076b02a65fd77063b7328ad3b1fb1

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 120KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 944B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 124KB - Virtual size: 120KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 944B

.reloc
Size: 8KB - Virtual size: 6KB