d9de0772281c2aee492369e84235cb2555ab9a89ea6e33b4abd6200ffe7728f1

General

Target

d9de0772281c2aee492369e84235cb2555ab9a89ea6e33b4abd6200ffe7728f1
Size

132KB
MD5

17d7a05e7ecca14b854e6c62607e3f70
SHA1

172c968db984a7d78d6f7c06d6758aa488ae2e58
SHA256

d9de0772281c2aee492369e84235cb2555ab9a89ea6e33b4abd6200ffe7728f1
SHA512

546b27343165129bcca5d0085f9b00da104e28d01b854248e62f23fccc24dd4b4dd3f4a3304b9e425acae953e6533cf63e953e063f8d0b7e48da8076f24fd33c
SSDEEP

3072:x7nORNwsQVPSuP0w2lHzadDfbdRqw3SutnrRkZCWLACJO8:xS28uP/E2D3pSwRkZCWLBg8

Score

N/A

Malware Config

Signatures

Files

d9de0772281c2aee492369e84235cb2555ab9a89ea6e33b4abd6200ffe7728f1
.dll windows x86

0c0eb20a870d8ab2372385cf67feafee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LocalFree
UnmapViewOfFile
LeaveCriticalSection
lstrlenA
CopyFileA
LoadLibraryA
CreateDirectoryA
GetLastError
WaitForSingleObject
SetLastError
CreateProcessA
GetModuleFileNameA
GetProcAddress
MapViewOfFile
GetModuleHandleA
ExitProcess
Sleep
InterlockedDecrement
InterlockedCompareExchange
GetTickCount
CloseHandle
GetCommandLineA
InterlockedIncrement
OpenEventA
ReleaseMutex
lstrlenW
CreateEventA

ole32

CoInitialize
CreateBindCtx
OleCreate
OleSetContainedObject
CoUninitialize
CoCreateGuid

user32

GetMessageA
FindWindowA
KillTimer
DestroyWindow
DefWindowProcA
PostQuitMessage
CreateWindowExA
GetWindowLongA
TranslateMessage
DispatchMessageA
GetSystemMetrics
RegisterWindowMessageA
PostMessageA
SendMessageA
SetTimer
GetParent
SetWindowLongA
GetClassNameA

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA

Exports

Exports

winmapspl

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c0eb20a870d8ab2372385cf67feafee

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB