c2a299adc5a1836afad22371b3d076de9c4d0b5ad090887484b67c783f37acd6

Sharing

Copy URL Twitter E-mail

General

Target

c2a299adc5a1836afad22371b3d076de9c4d0b5ad090887484b67c783f37acd6
Size

152KB
MD5

c19e09809e5c1ba7d77543705411e816
SHA1

893cc5f57bd214bcfbb38dd354f3fe48b03e3e7c
SHA256

c2a299adc5a1836afad22371b3d076de9c4d0b5ad090887484b67c783f37acd6
SHA512

167b68e5494bb8b3f5789fd4e4385cc86d92c1b05bf4f7f3b4eebc6f789c018aca8a1638480de5d108c354d10bba449566fc67bdb2ef208bf8b44591308a2262
SSDEEP

3072:WE6172y+r8dYT9JK5PzlKfs3iEB/vedRO3uHRp2tcMwxS2A2QmwvDwUD:mk865Q5LkESeOdsenTQmwvkU

Score

N/A

Malware Config

Signatures

Files

c2a299adc5a1836afad22371b3d076de9c4d0b5ad090887484b67c783f37acd6
.dll windows x86

9fa4803fb2cdc1a23a3a40d0d9248e06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
TerminateProcess
GetVolumeInformationA
WriteProcessMemory
InterlockedIncrement
OpenEventA
HeapAlloc
InterlockedCompareExchange
GlobalAlloc
CreateDirectoryA
GetLastError
CreateProcessA
HeapFree
GetProcessHeap
GetModuleHandleA
LeaveCriticalSection
GetProcAddress
CreateMutexW
LoadLibraryA
GetModuleFileNameA
UnmapViewOfFile
GlobalFree
WriteFile
CreateFileA
ReadProcessMemory
EnterCriticalSection
CloseHandle
CreateFileMappingA
OpenFileMappingA
GetTickCount
WaitForSingleObject
MapViewOfFile
InterlockedDecrement
SetLastError
GetCommandLineA
CreateEventA
GetCurrentProcess
GetComputerNameA
ExitProcess
Sleep
LocalFree

ole32

CoSetProxyBlanket
CoCreateGuid
CoInitialize
CoUninitialize
OleCreate
CoCreateInstance
CoTaskMemAlloc
OleSetContainedObject

user32

GetWindow
ScreenToClient
ClientToScreen
SetWindowsHookExA
DefWindowProcA
GetMessageA
CreateWindowExA
GetParent
DestroyWindow
GetClassNameA
SendMessageA
SetTimer
GetWindowThreadProcessId
DispatchMessageA
PostQuitMessage
SetWindowLongA
PeekMessageA
UnhookWindowsHookEx
GetWindowLongA
KillTimer
RegisterWindowMessageA
TranslateMessage
GetSystemMetrics
GetCursorPos
FindWindowA

oleaut32

SysAllocString
SysStringLen
SysFreeString
SysAllocStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

GetUserNameA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
OpenProcessToken
RegCreateKeyExA
SetTokenInformation
RegQueryValueExA
DuplicateTokenEx
RegDeleteValueA
RegDeleteKeyA

shell32

SHGetFolderPathA

Exports

Exports

tapimapOffice

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xgd
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fa4803fb2cdc1a23a3a40d0d9248e06

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 944B

xgd Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 944B

xgd
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 6KB