8e8169684e0737b06dbb825924ff58a71b6c713526c98286006bf1cd3c3dd16f

Sharing

Copy URL Twitter E-mail

General

Target

8e8169684e0737b06dbb825924ff58a71b6c713526c98286006bf1cd3c3dd16f
Size

156KB
MD5

46c523cf3e4e3b58d122eb1822d39e4f
SHA1

790f49226cb3e2c0d36d5cfecf7ae352b3046789
SHA256

8e8169684e0737b06dbb825924ff58a71b6c713526c98286006bf1cd3c3dd16f
SHA512

605f01d39a1de25260e056c00c98e976f07514eaf88e2e406124b4be6032f2faeba650e1aa43d6854ecac3c6cd568d531033be229adde1222506e3dd9ee56cc5
SSDEEP

3072:F5pc3e7spZZhnfxSeDOD8Luvg8G0IIFtq7Qa4xP:HK3e2ZZKWO4L+gz6tuQvxP

Score

N/A

Malware Config

Signatures

Files

8e8169684e0737b06dbb825924ff58a71b6c713526c98286006bf1cd3c3dd16f
.dll windows x86

bb3664d6556861cd2bdc6d7e2db67a9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetVolumeInformationA
WriteFile
OpenFileMappingA
TerminateProcess
WaitForSingleObject
CreateMutexW
CopyFileA
HeapAlloc
MapViewOfFile
Sleep
CreateFileMappingA
GetModuleFileNameA
InterlockedCompareExchange
ReadProcessMemory
CreateEventA
GetTickCount
ExitProcess
InterlockedDecrement
GetLastError
CreateFileA
HeapFree
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
SetLastError
OpenEventA
GetComputerNameA
CreateDirectoryA
UnmapViewOfFile
InterlockedIncrement
WriteProcessMemory
GetModuleHandleA
CloseHandle
GetProcessHeap
LoadLibraryA
GetCurrentProcess
GlobalAlloc
GetCommandLineA
GlobalFree
CreateProcessA

ole32

CoSetProxyBlanket
CoInitialize
CoCreateGuid
OleCreate
OleSetContainedObject
CoUninitialize
CoCreateInstance
CoTaskMemAlloc

user32

PeekMessageA
DestroyWindow
SetTimer
ScreenToClient
GetMessageA
TranslateMessage
RegisterWindowMessageA
UnhookWindowsHookEx
GetParent
CreateWindowExA
GetClassNameA
PostQuitMessage
GetWindowLongA
SetWindowsHookExA
FindWindowA
SetWindowLongA
KillTimer
GetWindowThreadProcessId
DispatchMessageA
DefWindowProcA
GetCursorPos
SendMessageA
ClientToScreen
GetWindow
GetSystemMetrics

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString
SysStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCloseKey
SetTokenInformation
RegQueryValueExA
OpenProcessToken
DuplicateTokenEx
RegCreateKeyExA
RegOpenKeyExA
GetUserNameA
RegSetValueExA

shell32

SHGetFolderPathA

Exports

Exports

AppEventdll32

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb3664d6556861cd2bdc6d7e2db67a9e

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 125KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 964B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 128KB - Virtual size: 125KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 964B

.reloc
Size: 8KB - Virtual size: 6KB