b082ba6de4e93150182732a12cc86f239ae7d6026fb4fe41c9c5383cdc3b2a3e

Sharing

Copy URL Twitter E-mail

General

Target

b082ba6de4e93150182732a12cc86f239ae7d6026fb4fe41c9c5383cdc3b2a3e
Size

14KB
MD5

43675b6dea342c99f1ee697e78946705
SHA1

d6821365b6bfa89b1930f28357ed7a09d18ef75e
SHA256

b082ba6de4e93150182732a12cc86f239ae7d6026fb4fe41c9c5383cdc3b2a3e
SHA512

2dfeb5e42c81e8af3b71afe953be42a6914a1317fdf6fefe7ec1a77869d8e1b0add67298e79a1dee669a837b0a00690f8dcc90f3c8749dde1a465c721bc3f766
SSDEEP

384:SFl7CDMdqE14tfwfB11nKCXCofsBYjw556:S+Q4E0Bqw556

Score

N/A

Malware Config

Signatures

Files

b082ba6de4e93150182732a12cc86f239ae7d6026fb4fe41c9c5383cdc3b2a3e
.dll windows x86

b48466efd330435f8221d6dc79923034

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrToIntA
SHGetValueA
SHSetValueA
SHDeleteValueA
StrStrIA
StrRChrA
SHDeleteKeyA
StrChrA

kernel32

lstrlenA
lstrcpynA
GetVersion
lstrcpyA
GetTickCount
CloseHandle
CreateFileA
OpenMutexA
lstrcatA
GetSystemDirectoryA
CreateThread
GetProcAddress
LoadLibraryA
GetModuleFileNameA
CreateProcessA
CopyFileA
GetShortPathNameA
Sleep
CreateMutexA
GetModuleHandleA
GetLastError
GetCurrentProcess
Module32First
Process32Next
FreeLibrary
GlobalAlloc
GlobalFree

user32

PostQuitMessage
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer
LoadIconA
CreateWindowExA
GetWindowThreadProcessId
GetWindowLongA
SetWindowLongA
LoadCursorA
SendMessageA
DestroyIcon
wsprintfA
KillTimer
SetWindowsHookExA
PostThreadMessageA
FindWindowA
SendMessageTimeoutA
MessageBoxA
UnhookWindowsHookEx
DestroyWindow
RegisterClassExA
CallNextHookEx

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
OpenProcessToken

shell32

Shell_NotifyIconA
ShellExecuteA

Exports

Exports

inst
inst2
mount
startup
tes

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b48466efd330435f8221d6dc79923034

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

Shared Size: 512B - Virtual size: 4B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1024B - Virtual size: 960B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

Shared
Size: 512B - Virtual size: 4B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1024B - Virtual size: 960B