ab5712f4def7867f5bf38c0c4c4a9650dc00f275863c21f01b383ec84e76300e

Sharing

Copy URL Twitter E-mail

General

Target

ab5712f4def7867f5bf38c0c4c4a9650dc00f275863c21f01b383ec84e76300e
Size

148KB
MD5

5bbbe73f888659dbf8088fa01c49c092
SHA1

2dd1bc59eb8feaefbd4a4dd3d354bb26f7f3c911
SHA256

ab5712f4def7867f5bf38c0c4c4a9650dc00f275863c21f01b383ec84e76300e
SHA512

015395b5c98361acf75214c70100b375001228347a1e03a3784531bf2c75a41a0692e36d871d2062e52547eda0fdf11d089e9d6e323deb44e851f98bce775a15
SSDEEP

3072:zO8MNiWoec0AUWoKgwZ0IW+oIRLOIg382ps0cWea:2NsSnwe9eLO9fptcWea

Score

N/A

Malware Config

Signatures

Files

ab5712f4def7867f5bf38c0c4c4a9650dc00f275863c21f01b383ec84e76300e
.dll windows x86

d21c5000a385a326e1f7ba755179c2ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnterCriticalSection
GetModuleFileNameA
GetComputerNameA
OpenFileMappingA
ReadProcessMemory
UnmapViewOfFile
HeapAlloc
GetCurrentProcess
CreateFileA
MapViewOfFile
CreateMutexW
HeapFree
WriteProcessMemory
CopyFileA
TerminateProcess
WaitForSingleObject
ExitProcess
GetVolumeInformationA
CreateDirectoryA
CreateFileMappingA
LeaveCriticalSection
LocalFree
CreateProcessA
Sleep
OpenEventA
GetProcAddress
CreateEventA
SetLastError
InterlockedCompareExchange
GlobalFree
LoadLibraryA
WriteFile
GetModuleHandleA
GetCommandLineA
InterlockedIncrement
GetProcessHeap
GetTickCount
GlobalAlloc
InterlockedDecrement
GetLastError

ole32

CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoSetProxyBlanket
OleCreate
CoUninitialize
CoCreateGuid
OleSetContainedObject

user32

ClientToScreen
GetSystemMetrics
SetTimer
KillTimer
GetMessageA
PostQuitMessage
GetClassNameA
FindWindowA
SetWindowLongA
RegisterWindowMessageA
UnhookWindowsHookEx
SendMessageA
GetWindow
TranslateMessage
GetParent
GetWindowThreadProcessId
DestroyWindow
ScreenToClient
SetWindowsHookExA
GetWindowLongA
PeekMessageA
GetCursorPos
CreateWindowExA
DispatchMessageA
DefWindowProcA

oleaut32

SysFreeString
SysAllocStringLen
SysStringLen
SysAllocString

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegCreateKeyExA
SetTokenInformation
RegOpenKeyExA
RegCloseKey
DuplicateTokenEx
RegDeleteValueA
OpenProcessToken
GetUserNameA
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA

shell32

SHGetFolderPathA

Exports

Exports

BluetoothobjNetM

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d21c5000a385a326e1f7ba755179c2ab

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 960B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 960B

.reloc
Size: 8KB - Virtual size: 6KB