a4cf345295040ff73afeb68be5223e53027662bcba8ea22ca4b10d2bcf1b71dc

General

Target

a4cf345295040ff73afeb68be5223e53027662bcba8ea22ca4b10d2bcf1b71dc
Size

82KB
MD5

95b4b285da29cbf9334104eafd6afe30
SHA1

51e8a5739f8a97780ef600551c28bd4cfffd5213
SHA256

a4cf345295040ff73afeb68be5223e53027662bcba8ea22ca4b10d2bcf1b71dc
SHA512

38b961c9e66cb8c6cd9a18f7ce98d5b053f766fa594660dab5d731de704809cad3c6f731203456e5210aa481aa34b1785002c7b676897de15cb2fcfb20c75555
SSDEEP

1536:whklaDUkZ7YWre32JsXjJq5byFx55BNza3GxlF5AP2HOdaP8xOhUXHIVN/oute:Mkl2UkZ7S3CsXjJq5byFx552COdY8gaY

Score

N/A

Malware Config

Signatures

Files

a4cf345295040ff73afeb68be5223e53027662bcba8ea22ca4b10d2bcf1b71dc
.dll windows x86

4f3d394f6b143b8c2a4f845d61911708

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathMakePrettyA

kernel32

GetCurrentThread
lstrlenW
WriteConsoleOutputCharacterA
CreateMutexA
GlobalFindAtomW
LocalAlloc
CompareStringA
RaiseException
ReadFileScatter
VirtualFreeEx
HeapAlloc
GetShortPathNameA
ResumeThread
SuspendThread
WaitForMultipleObjectsEx
ExitThread
HeapCreate
HeapFree
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
CreateEventA
GetModuleHandleA
GetCurrentThreadId
GetCurrentProcess
SetEvent
WaitForSingleObject
GlobalFree
WideCharToMultiByte
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcatA
lstrcpyA
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
IsDBCSLeadByte
lstrcmpiA
lstrlenA
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection

Exports

Exports

JaActivateTTTokenRect
JaAddjusstDesktop
JaBegiinnCursorValuee
JaBeginDesktooppRect
JaDeacttivateCurrsorVall
JaSetProccStatte

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f3d394f6b143b8c2a4f845d61911708

Headers

File Characteristics

Imports

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 42KB - Virtual size: 41KB

.data Size: 30KB - Virtual size: 57KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 42KB - Virtual size: 41KB

.data
Size: 30KB - Virtual size: 57KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB