b00d8ea00cb9c6cef087e574795fe2e309bd8ef61f21bf7e6f6595d3f3707315

Sharing

Copy URL Twitter E-mail

General

Target

b00d8ea00cb9c6cef087e574795fe2e309bd8ef61f21bf7e6f6595d3f3707315
Size

372KB
MD5

7043ddf51d7135c1d1b83b4213dfed61
SHA1

48440b9f1a49cd970b048c9213ccb499deb6342f
SHA256

b00d8ea00cb9c6cef087e574795fe2e309bd8ef61f21bf7e6f6595d3f3707315
SHA512

8a3530373d8df7a0e6e95f15f3b8b8c24ee15c51001c90985fa700919a233bc6868d980c8a71c33f8b14266b00106a21b3b71cbd67b6a68642d92e237713d766
SSDEEP

6144:4H1f7v+MMmY264yCpQDXQ+rQxn3PQBxbPSeOtZ/ViY:67zYsXpQzQLxn/m4/

Score

N/A

Malware Config

Signatures

Files

b00d8ea00cb9c6cef087e574795fe2e309bd8ef61f21bf7e6f6595d3f3707315
.exe windows x86

4c11a2eda9a4d0b5f52e1f75aff71bb7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostThreadMessageA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
DialogBoxParamA
GetDlgItem
GetDlgItemTextA
SetDlgItemTextA
GetWindowLongA
SetWindowLongA
EndDialog
CloseDesktop
GetUserObjectInformationA
OpenInputDesktop
GetThreadDesktop
SetThreadDesktop
OpenDesktopA
GetWindowThreadProcessId
RegisterClassA
UnregisterClassA
CreateWindowExA
WaitForInputIdle
KillTimer
ReleaseDC
ExitWindowsEx
GetDC
GetIconInfo
SystemParametersInfoA
GetWindowRect
DestroyWindow
IsWindowVisible
MessageBoxA
DefWindowProcA
ClientToScreen
GetClientRect
IsRectEmpty
IsIconic
IsWindow
EnumWindows
GetClassNameA
GetForegroundWindow
SetClipboardViewer
ChangeClipboardChain
CloseClipboard
GetClipboardData
OpenClipboard
GetClipboardOwner
SetClipboardData
EmptyClipboard
mouse_event
GetSystemMetrics
GetAsyncKeyState
MapVirtualKeyA
keybd_event
VkKeyScanA
ToAscii
SetTimer
GetMessageA
PostMessageA
SetWindowTextA
SendMessageA
TrackPopupMenu
DrawIconEx
FindWindowA
PostQuitMessage
LoadImageA
LoadMenuA
GetSubMenu
SetMenuDefaultItem
EnableMenuItem
SetForegroundWindow
GetCursorPos

shell32

Shell_NotifyIconA

wm_hooks

WM_Hooks_WindowBorderChanged
WM_Hooks_RectangleChanged
WM_Hooks_WindowClientAreaChanged
WM_Hooks_WindowChanged
WM_Hooks_EnableRealInputs
WM_Hooks_CursorChanged
WM_Hooks_Remove
WM_Hooks_EnableCursorShape
WM_Hooks_Install

kernel32

CreateProcessA
TerminateProcess
OpenProcess
FormatMessageA
GetCurrentProcess
GetVersionExA
WaitForMultipleObjects
GetModuleFileNameA
GetProcAddress
LoadLibraryA
FreeLibrary
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GetCurrentProcessId
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
ExitProcess
GetTimeZoneInformation
GetSystemTime
SetProcessShutdownParameters
InterlockedDecrement
InterlockedIncrement
HeapFree
HeapReAlloc
HeapAlloc
HeapSize
SetLastError
SetUnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
TlsGetValue
GetFileType
GetStartupInfoA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
ReadFile
FlushFileBuffers
MultiByteToWideChar
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
SetFilePointer
GetStringTypeA
GetStringTypeW
SetStdHandle
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange
GetCurrentThreadId
GetCurrentThread
ResumeThread
CreateEventA
CreateThread
TlsSetValue
TlsAlloc
GetSystemTimeAsFileTime
FreeConsole
SetEvent
ResetEvent
WaitForSingleObject
GetComputerNameA
CloseHandle
EnterCriticalSection
LeaveCriticalSection
Sleep
DeleteCriticalSection
InitializeCriticalSection
GetLastError
GetModuleHandleA
LoadResource
FindResourceA
LockResource
GetStdHandle
SizeofResource
GetLocalTime

advapi32

CreateServiceA
RegQueryValueExA
RegSetValueExA
RegNotifyChangeKeyValue
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegOpenKeyExA
RevertToSelf
RegCloseKey
ImpersonateLoggedOnUser
OpenProcessToken
CreateProcessAsUserA
ControlService
StartServiceA
OpenServiceA
DeleteService
OpenSCManagerA
CloseServiceHandle
DeregisterEventSource
ReportEventA
RegisterEventSourceA
SetServiceStatus
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
RegEnumValueA
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegQueryInfoKeyA

gdi32

SetDIBColorTable
GetObjectA
GetBitmapBits
GetSystemPaletteEntries
GdiFlush
BitBlt
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetDIBits
DeleteObject
CreateDCA
GetClipBox
CreateDIBSection
DeleteDC

ws2_32

send
WSAGetLastError
WSAStartup
setsockopt
closesocket
connect
gethostbyname
htons
inet_addr
socket
inet_ntoa
getsockname
getpeername
ntohs
shutdown
listen
bind
select
accept
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAResetEvent
WSAEventSelect
recv
htonl

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c11a2eda9a4d0b5f52e1f75aff71bb7

Headers

File Characteristics

Imports

user32

shell32

wm_hooks

kernel32

advapi32

gdi32

ws2_32

version

ole32

Sections

.text Size: 212KB - Virtual size: 210KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 36KB - Virtual size: 44KB

.rsrc Size: 92KB - Virtual size: 91KB

.text
Size: 212KB - Virtual size: 210KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 36KB - Virtual size: 44KB

.rsrc
Size: 92KB - Virtual size: 91KB