f671c03a06e1c0798548c3efd9eefb76f12ee9c0f86e3866eeb55d5f851f878e

Sharing

Copy URL Twitter E-mail

General

Target

f671c03a06e1c0798548c3efd9eefb76f12ee9c0f86e3866eeb55d5f851f878e
Size

148KB
MD5

8088b726e2175eed4876a492a29624d1
SHA1

9225d7bedbff6235a1bf6cd30bc5906b68cfe88c
SHA256

f671c03a06e1c0798548c3efd9eefb76f12ee9c0f86e3866eeb55d5f851f878e
SHA512

03d638acf4e3d301de5c24ed949e742974d7ca90036f1c409ebf6d60ecce87d9da87c7a9f757d479877ff6cfcaec5805b35e73fb6573291fd1605bdf54e287da
SSDEEP

3072:0oxdi513h3W3NTUQG13lwu1H7dM0xV6eKynNe2tWxz:0oxdileIVwu7NjKynNe2tWZ

Score

N/A

Malware Config

Signatures

Files

f671c03a06e1c0798548c3efd9eefb76f12ee9c0f86e3866eeb55d5f851f878e
.dll windows x86

4453c46b7c58ff662c437d1e7f8eb0c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
TerminateProcess
CopyFileA
HeapAlloc
CreateEventA
CreateFileMappingA
OpenFileMappingA
OpenEventA
InterlockedIncrement
CreateFileA
GetCurrentProcess
WriteFile
LocalFree
GetLastError
GetModuleFileNameA
MapViewOfFile
GetModuleHandleA
GetProcAddress
WaitForSingleObject
GetCommandLineA
CreateMutexW
InterlockedCompareExchange
WriteProcessMemory
CreateProcessA
GlobalFree
Sleep
LeaveCriticalSection
GetProcessHeap
GetComputerNameA
GlobalAlloc
InterlockedDecrement
CloseHandle
CreateDirectoryA
GetTickCount
HeapFree
ExitProcess
UnmapViewOfFile
EnterCriticalSection
LoadLibraryA
GetVolumeInformationA
ReadProcessMemory

ole32

OleCreate
CoSetProxyBlanket
CoCreateGuid
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemAlloc
OleSetContainedObject

user32

GetParent
DestroyWindow
CreateWindowExA
GetSystemMetrics
KillTimer
GetWindowThreadProcessId
GetClassNameA
SetWindowLongA
GetMessageA
DefWindowProcA
ClientToScreen
GetWindow
PeekMessageA
RegisterWindowMessageA
GetWindowLongA
ScreenToClient
GetCursorPos
FindWindowA
SendMessageA
SetWindowsHookExA
DispatchMessageA
SetTimer
TranslateMessage
UnhookWindowsHookEx
PostQuitMessage

oleaut32

SysFreeString
SysStringLen
SysAllocString
SysAllocStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegOpenKeyExA
OpenProcessToken
GetUserNameA
RegQueryValueExA
DuplicateTokenEx
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
SetTokenInformation
RegCloseKey
RegDeleteKeyA

shell32

SHGetFolderPathA

Exports

Exports

eapPathapi

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 985B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4453c46b7c58ff662c437d1e7f8eb0c6

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 985B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 985B

.reloc
Size: 8KB - Virtual size: 6KB