969d5ba791351f8a86a5da3517764f81b67676317a9e7b92edddbb26f8b924ee

Sharing

Copy URL Twitter E-mail

General

Target

969d5ba791351f8a86a5da3517764f81b67676317a9e7b92edddbb26f8b924ee
Size

156KB
MD5

aa2703290166d30ee630a98bf57d6470
SHA1

e40715ac4145dd738a68fb17c5469db7eece596f
SHA256

969d5ba791351f8a86a5da3517764f81b67676317a9e7b92edddbb26f8b924ee
SHA512

eadd0c24b4614d1825909b6d546bc975fd174f6219cf1251df3d656406b7d5ca4441189fcfd2d3bb423ebfa36549fe4bdfcfd8f421de5c675e46f02e3a6e0e51
SSDEEP

3072:pI1SfkiVyHRPn4HDYj2qLlxUGE2Y+Vwljo/ft3FT2hGYZLzyGg8kdhlOPdNJtp2L:6SfkiVyHRP7TVwljo/ft3FaAL8LNt2L

Score

N/A

Malware Config

Signatures

Files

969d5ba791351f8a86a5da3517764f81b67676317a9e7b92edddbb26f8b924ee
.dll windows x86

88d8d6eb926d4dbb80715c9765056c12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
lstrcpyn
GetModuleHandleA
GetCurrentThread
Beep
RtlMoveMemory
CreateToolhelp32Snapshot
Process32First
Process32Next
ReadProcessMemory
OpenFileMappingA
MapViewOfFile
TerminateProcess
CreateProcessA
VirtualQueryEx
VirtualProtectEx
VirtualAllocEx
CreateFileMappingA
VirtualFreeEx
UnmapViewOfFile
CreateRemoteThread
WaitForSingleObject
GetProcessHeap
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
LoadLibraryA
GetModuleFileNameA
GetTickCount
Sleep
LCMapStringA
GetVersionExA
FlushFileBuffers
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
RaiseException
CreateWaitableTimerA
WriteProcessMemory
OpenProcess
GetCurrentProcess
MultiByteToWideChar
CreateThread
SetProcessWorkingSetSize
CloseHandle
SetWaitableTimer
IsBadReadPtr
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LCMapStringW
VirtualAlloc
RtlUnwind

user32

PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
wvsprintfA
GetGUIThreadInfo
KillTimer
IsWindowVisible
GetWindowThreadProcessId
GetWindow
GetDesktopWindow
PostMessageA
GetForegroundWindow
CallWindowProcA
GetAsyncKeyState
SetTimer
MsgWaitForMultipleObjects

advapi32

CryptAcquireContextA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

88d8d6eb926d4dbb80715c9765056c12

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 71KB

.data Size: 8KB - Virtual size: 6KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 71KB

.data
Size: 8KB - Virtual size: 6KB