a3b2cecae11b8751db710c5e9f2ce33fb9dd8565f61a49e3b247694559ea2712

Sharing

Copy URL Twitter E-mail

General

Target

a3b2cecae11b8751db710c5e9f2ce33fb9dd8565f61a49e3b247694559ea2712
Size

152KB
MD5

430173428628e6be7569e38a17fbca56
SHA1

27e8de89dc893c642eef4c23f9b3f5466f22349a
SHA256

a3b2cecae11b8751db710c5e9f2ce33fb9dd8565f61a49e3b247694559ea2712
SHA512

6393d94b4d98d89fe56d221a238115d74097990f328603645c58b8f03672b1ea1eafb0295e5b73174a65e9c5be4e74fe872193c2c39f95a6bebb1c6fc4949a97
SSDEEP

3072:7A05Rp8BK/V3u5fgn/YNOOiCSgezmRToaP6nc9r/drIIif/n:7J0BKVuZewNhszg6nA9IIW/

Score

N/A

Malware Config

Signatures

Files

a3b2cecae11b8751db710c5e9f2ce33fb9dd8565f61a49e3b247694559ea2712
.dll windows x86

5e95a4ea0b3e8e8861b69f6aa401da0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetCurrentProcess
GetComputerNameA
HeapFree
GetVolumeInformationA
ReadProcessMemory
GetProcessHeap
GetLastError
CreateMutexW
GetModuleFileNameA
ExitProcess
GetCommandLineA
UnmapViewOfFile
InterlockedDecrement
SetLastError
CreateDirectoryA
GetModuleHandleA
LeaveCriticalSection
MapViewOfFile
OpenFileMappingA
InterlockedIncrement
WriteFile
CreateFileMappingA
CreateFileA
GlobalAlloc
CopyFileA
OpenEventA
TerminateProcess
InterlockedCompareExchange
GlobalFree
WriteProcessMemory
GetProcAddress
GetTickCount
LocalFree
WaitForSingleObject
LoadLibraryA
EnterCriticalSection
CreateProcessA
CreateEventA
CloseHandle
Sleep

ole32

CoCreateInstance
CoInitialize
OleSetContainedObject
CoSetProxyBlanket
CoCreateGuid
CoTaskMemAlloc
CoUninitialize
OleCreate

user32

GetWindowThreadProcessId
ClientToScreen
TranslateMessage
DefWindowProcA
SetTimer
PeekMessageA
UnhookWindowsHookEx
SendMessageA
KillTimer
DispatchMessageA
FindWindowA
SetWindowLongA
CreateWindowExA
PostQuitMessage
GetParent
DestroyWindow
GetWindow
ScreenToClient
GetClassNameA
GetMessageA
GetSystemMetrics
GetCursorPos
SetWindowsHookExA
GetWindowLongA
RegisterWindowMessageA

oleaut32

SysFreeString
SysStringLen
SysAllocStringLen
SysAllocString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

GetUserNameA
RegDeleteKeyA
RegQueryValueExA
RegDeleteValueA
RegCloseKey
SetTokenInformation
RegOpenKeyExA
OpenProcessToken
RegCreateKeyExA
DuplicateTokenEx
RegSetValueExA

shell32

SHGetFolderPathA

Exports

Exports

i18MouseCres

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 985B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e95a4ea0b3e8e8861b69f6aa401da0e

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 985B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 985B

.reloc
Size: 8KB - Virtual size: 6KB