7b6979a7e98670b37314b5284ea28a0a78e58ada7a8f2e65b7590afec6bbde8f

Sharing

Copy URL Twitter E-mail

General

Target

7b6979a7e98670b37314b5284ea28a0a78e58ada7a8f2e65b7590afec6bbde8f
Size

571KB
MD5

2843cd26919a62848480e83016e660e0
SHA1

1a1583e9a427519922453558995541b1ffea995d
SHA256

7b6979a7e98670b37314b5284ea28a0a78e58ada7a8f2e65b7590afec6bbde8f
SHA512

8ccfb40d7a57892a2c017cdab3984f41e2d69fbcd4ca65e953554d50d2fc67e80ae9443fa37f483dbfaa8a8e814ad03c0773206abba6ca664a15578e27b8b6ff
SSDEEP

12288:KZrH72YosC16hXlbrqkC6QZc6GwDlcRSbuwxKxuLRH:2rH7dWsXlbrK6cc6DlcRSSqLLB

Score

N/A

Malware Config

Signatures

Files

7b6979a7e98670b37314b5284ea28a0a78e58ada7a8f2e65b7590afec6bbde8f
.dll windows x86

221e01b82c4ed6e30bb3e3c05136274e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegSetValueExA

oleaut32

LoadTypeLi
RegisterTypeLi
SysAllocString
SysFreeString
SysStringLen
UnRegisterTypeLi
VariantClear
VarUI4FromStr

user32

SetWindowsHookExA
SetFocus
RegisterClipboardFormatA
MoveWindow
IsZoomed
ShowWindow
IsIconic
GetWindowRect
GetWindowLongA
GetSystemMetrics
GetParent
GetForegroundWindow
DestroyWindow
CreateDialogParamA
CharNextW
CharNextA
CallNextHookEx
UnhookWindowsHookEx
IsWindowVisible

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoCreateInstance

kernel32

lstrlenW
lstrlenA
lstrcmpiA
WriteFile
WideCharToMultiByte
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
Sleep
SizeofResource
SetLastError
SetHandleCount
RtlUnwind
RaiseException
QueryPerformanceCounter
MultiByteToWideChar
LoadResource
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidCodePage
IsDebuggerPresent
IsDBCSLeadByte
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GlobalAlloc
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy

Exports

Exports

Module_GetName
SaveThread
StopIteration
_Fast
convert_to_rfc1123
vUnloadModule
window_bits

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

221e01b82c4ed6e30bb3e3c05136274e

Headers

File Characteristics

Imports

advapi32

oleaut32

user32

ole32

kernel32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 334KB - Virtual size: 334KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 334KB - Virtual size: 334KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 6KB - Virtual size: 5KB