67f50f6dd01e17b154c3ee53f0f4aa236cb146ec10c0f44d3452b0176d47ceba

Sharing

Copy URL Twitter E-mail

General

Target

67f50f6dd01e17b154c3ee53f0f4aa236cb146ec10c0f44d3452b0176d47ceba
Size

152KB
MD5

fbcd9b60fc521598d375299a2983e89c
SHA1

0b0850026b8b136b6428eb07d0560da9fcc0b7af
SHA256

67f50f6dd01e17b154c3ee53f0f4aa236cb146ec10c0f44d3452b0176d47ceba
SHA512

49a1f24042ada6fb7095086420a1d945af16cf8a1052f4bdc2943aaece1d7185cd8ed28a33a06fe07cd6d364fdeda27e5afd63c80a4a174025dc16bd159d0137
SSDEEP

3072:MMJWxp9shGPmWMDRpntitqsQhrOA4WrcN3/eAyCLO+CkE34DWdHZfG:rUMGPwDRxDLtnf6POKO+lI

Score

N/A

Malware Config

Signatures

Files

67f50f6dd01e17b154c3ee53f0f4aa236cb146ec10c0f44d3452b0176d47ceba
.dll windows x86

14d1cae09cb8de92565c2c27a4583374

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
Sleep
CreateProcessA
InterlockedCompareExchange
GlobalAlloc
WaitForSingleObject
TerminateProcess
OpenEventA
CreateEventA
GetProcessHeap
GetModuleHandleA
ReadProcessMemory
SetLastError
UnmapViewOfFile
CopyFileA
GetVolumeInformationA
GetComputerNameA
CloseHandle
CreateMutexW
GetLastError
GlobalFree
CreateDirectoryA
WriteProcessMemory
CreateFileA
InterlockedDecrement
GetTickCount
LeaveCriticalSection
GetModuleFileNameA
GetCurrentProcess
GetProcAddress
WriteFile
InterlockedIncrement
GetCommandLineA
HeapAlloc
EnterCriticalSection
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
ExitProcess
LoadLibraryA
HeapFree

ole32

CoCreateGuid
OleCreate
CoCreateInstance
CoSetProxyBlanket
CoTaskMemAlloc
OleSetContainedObject
CoInitialize
CoUninitialize

user32

SetWindowLongA
ScreenToClient
GetParent
GetSystemMetrics
GetWindow
PeekMessageA
FindWindowA
GetClassNameA
DestroyWindow
GetCursorPos
PostQuitMessage
SendMessageA
DispatchMessageA
CreateWindowExA
GetMessageA
SetWindowsHookExA
SetTimer
TranslateMessage
UnhookWindowsHookEx
KillTimer
GetWindowLongA
ClientToScreen
DefWindowProcA
RegisterWindowMessageA
GetWindowThreadProcessId

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString
SysStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegSetValueExA
GetUserNameA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA
SetTokenInformation
DuplicateTokenEx
RegDeleteValueA
RegCreateKeyExA
OpenProcessToken
RegCloseKey

shell32

SHGetFolderPathA

Exports

Exports

tcpcrtHelper

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14d1cae09cb8de92565c2c27a4583374

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 996B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 996B

.reloc
Size: 8KB - Virtual size: 6KB