b415834253ee573cf37ea776abba64a4cb8aa9ddfc41f2f7dfde266b1dbc93fe

Sharing

Copy URL Twitter E-mail

General

Target

b415834253ee573cf37ea776abba64a4cb8aa9ddfc41f2f7dfde266b1dbc93fe
Size

152KB
MD5

4f26f4e9f6b44de355b6281d0a306305
SHA1

2ff8d7c0700950a4f36cb02e587a82de2f9099ee
SHA256

b415834253ee573cf37ea776abba64a4cb8aa9ddfc41f2f7dfde266b1dbc93fe
SHA512

bfb2b753ecda3f30eb20aab903733d37c2453f56fa3733d1425449b6c2c1b299be27407b1654bdc0ea00351293d4a275357400ce8efe32e19f99d2f06899af9d
SSDEEP

3072:ZRqftQ28Tu4QtMpt8tmXqxEJ8v4ULcvne5gr7IdLZnUwkI:ZR2T8TEMpWtmXqM8w4cvndr7+ZnUwk

Score

N/A

Malware Config

Signatures

Files

b415834253ee573cf37ea776abba64a4cb8aa9ddfc41f2f7dfde266b1dbc93fe
.dll windows x86

fc739032e31dc4f479ba28547df1de73

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
UnmapViewOfFile
WriteFile
CopyFileA
CreateMutexW
HeapFree
OpenFileMappingA
CreateDirectoryA
MapViewOfFile
InterlockedCompareExchange
CreateProcessA
InterlockedIncrement
GetCurrentProcess
CloseHandle
GlobalFree
CreateFileA
CreateFileMappingA
InterlockedDecrement
SetLastError
ReadProcessMemory
EnterCriticalSection
GetComputerNameA
CreateEventA
GetCommandLineA
TerminateProcess
GetLastError
GetProcessHeap
GetVolumeInformationA
ExitProcess
WriteProcessMemory
LoadLibraryA
Sleep
LocalFree
GetProcAddress
HeapAlloc
OpenEventA
LeaveCriticalSection
GetModuleFileNameA
GlobalAlloc
WaitForSingleObject
GetTickCount

ole32

CoCreateGuid
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemAlloc
OleCreate
OleSetContainedObject
CoSetProxyBlanket

user32

RegisterWindowMessageA
PeekMessageA
GetMessageA
ClientToScreen
GetClassNameA
ScreenToClient
DefWindowProcA
GetSystemMetrics
SendMessageA
GetCursorPos
UnhookWindowsHookEx
KillTimer
SetTimer
TranslateMessage
DispatchMessageA
GetParent
FindWindowA
GetWindow
GetWindowThreadProcessId
SetWindowsHookExA
DestroyWindow
PostQuitMessage
CreateWindowExA
GetWindowLongA
SetWindowLongA

oleaut32

SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
DuplicateTokenEx
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
GetUserNameA
RegCloseKey
OpenProcessToken
SetTokenInformation

shell32

SHGetFolderPathA

Exports

Exports

acxMousedsc

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc739032e31dc4f479ba28547df1de73

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 1008B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 1008B

.reloc
Size: 8KB - Virtual size: 6KB