d161f989d095d0d76bfbcf2b7911f445f90e4f92fa50067f188343fc0e6917ba

Sharing

Copy URL

Twitter E-mail

General

Target

d161f989d095d0d76bfbcf2b7911f445f90e4f92fa50067f188343fc0e6917ba
Size

148KB
MD5

c69e0c555f0d4b33a4496c7b7fc678f0
SHA1

1b439a5847b7fc9403e10433184550b258724298
SHA256

d161f989d095d0d76bfbcf2b7911f445f90e4f92fa50067f188343fc0e6917ba
SHA512

4ae0bc76ebebb7c17b0ddc3392e2b0d7ea4e1d3aa7cfab0ecce30cc0eacbfaff9f274593b723d39713d829f5381a70470d4e5f61f179195b8e6a8ac1a3e71aee
SSDEEP

3072:Bj8RZ1CxofJJN3a4KUtM6MAUBwxy70zKZhorHlgMxtiSSJE2RK0IUK:BO17VbvXAVgu3tK

Score

N/A

Malware Config

Signatures

Files

d161f989d095d0d76bfbcf2b7911f445f90e4f92fa50067f188343fc0e6917ba
.dll windows x86

53ed3c1820dc73d55a2f1ab7bbb9b02a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
UnmapViewOfFile
Sleep
GetProcAddress
WriteProcessMemory
CreateProcessA
OpenEventA
SetLastError
LoadLibraryA
InterlockedIncrement
TerminateProcess
WaitForSingleObject
MapViewOfFile
HeapFree
CreateEventA
InterlockedCompareExchange
GetComputerNameA
OpenFileMappingA
CreateMutexW
ExitProcess
GetProcessHeap
CloseHandle
GlobalFree
CreateFileMappingA
CreateDirectoryA
GetLastError
CopyFileA
GetCommandLineA
GetTickCount
WriteFile
GlobalAlloc
ReadProcessMemory
CreateFileA
HeapAlloc
GetModuleFileNameA
LeaveCriticalSection
InterlockedDecrement
GetCurrentProcess
GetModuleHandleA
LocalFree
GetVolumeInformationA

ole32

CoCreateGuid
CoCreateInstance
OleCreate
CoSetProxyBlanket
OleSetContainedObject
CoUninitialize
CoTaskMemAlloc
CoInitialize

user32

GetWindowLongA
ClientToScreen
UnhookWindowsHookEx
CreateWindowExA
SetWindowsHookExA
PostQuitMessage
GetWindow
KillTimer
ScreenToClient
SetWindowLongA
GetCursorPos
SendMessageA
GetClassNameA
DefWindowProcA
DispatchMessageA
GetParent
GetSystemMetrics
SetTimer
GetWindowThreadProcessId
RegisterWindowMessageA
TranslateMessage
PeekMessageA
FindWindowA
GetMessageA
DestroyWindow

oleaut32

SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
GetUserNameA
RegSetValueExA
SetTokenInformation
OpenProcessToken
RegDeleteKeyA
DuplicateTokenEx
RegOpenKeyExA

shell32

SHGetFolderPathA

Exports

Exports

ienetTask

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 969B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53ed3c1820dc73d55a2f1ab7bbb9b02a

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 969B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 969B

.reloc
Size: 8KB - Virtual size: 6KB