faeb4608c0fdea157ab4ec1cf556abda2049bed292cca43888d2a8858994f60a

Sharing

Copy URL Twitter E-mail

General

Target

faeb4608c0fdea157ab4ec1cf556abda2049bed292cca43888d2a8858994f60a
Size

129KB
MD5

106480779d98ef3dbd20921f4e554fcd
SHA1

f5ce96d8b478c43e44c101e82c25084ff4bc4899
SHA256

faeb4608c0fdea157ab4ec1cf556abda2049bed292cca43888d2a8858994f60a
SHA512

8d892fcd4decb4c28aeae4b7e04dfd312df890546c7d9fd92d8f3291af6604dcfcf122ee31d4f2bde76ae4d2cd28c01bc77b16c17658aeb278aebd43b08c0f7b
SSDEEP

3072:kzpmjen55letRWQJJWp38aD+uZ1g7S2/xpxfv2UcdyIsx:QnyRWQnesL7b5edyt

Score

N/A

Malware Config

Signatures

Files

faeb4608c0fdea157ab4ec1cf556abda2049bed292cca43888d2a8858994f60a
.dll windows x86

2cf0b9ad36501fad70020adcef6e370d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
LoadLibraryExW
GetModuleHandleW
LockResource
FindResourceExW
InterlockedExchange
DeleteFileW
MoveFileExW
GetFileSizeEx
ReadFile
SetFilePointerEx
CreateFileW
CloseHandle
InterlockedDecrement
GetSystemInfo
lstrcmpiA
WriteProcessMemory
ReleaseMutex
CreateMutexW
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GlobalDeleteAtom
DebugBreak
HeapAlloc
HeapReAlloc
LoadResource
GlobalGetAtomNameW
SetLastError
LoadLibraryW
GetProcAddress
InterlockedIncrement
TlsGetValue
FlushViewOfFile
GetLocalTime
UnmapViewOfFile
DeleteCriticalSection
CreateFileMappingA
MapViewOfFile
ReleaseSemaphore
CreateSemaphoreW
LocalFree
GetVersionExW
ExpandEnvironmentStringsW
GetFileAttributesW
GetUserDefaultLCID
WaitForSingleObject
CreateEventW
SetEvent
lstrcatW
lstrcpyW
FormatMessageW
SizeofResource
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
lstrcmpiW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
GetLastError
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
OutputDebugStringA
GetVersion
VirtualProtect
GetTickCount
GlobalAddAtomW
GetCommandLineA

user32

EnumPropsExA
EnumPropsW
CharNextW
MessageBoxW
MessageBeep
GetParent
FindWindowExW
GetPropW
SendMessageW
LoadImageW
GetWindowLongW
MsgWaitForMultipleObjects
PostThreadMessageW
wsprintfA
EnumPropsA
IsWindow
CallWindowProcW
PeekMessageW
RemovePropW
SetPropW
GetSystemMetrics
PostQuitMessage
PostMessageW
SetWindowLongW

advapi32

RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegCloseKey
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
RegQueryValueExW
RegEnumKeyExW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegLoadKeyW
RegOpenKeyW
RegisterEventSourceW
OpenProcessToken

gdi32

CreateFontIndirectW
GetObjectW
DeleteObject

ole32

StringFromGUID2
CoTaskMemFree
StringFromCLSID
PropVariantClear
CoGetClassObject
CoGetObject
CoCreateInstance
CoSetProxyBlanket
CLSIDFromString
CoTaskMemAlloc

rpcrt4

NdrDllRegisterProxy

msvcrt

_itow
free
_CxxThrowException
_callnewh
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
realloc
_errno
memset
towlower
memcpy
printf
_stricmp
mktime
memmove
_local_unwind2
wcscmp
iswctype
_wcsnicmp
malloc
_except_handler3
__CxxFrameHandler

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cf0b9ad36501fad70020adcef6e370d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

msvcrt

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 33KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 33KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 5KB - Virtual size: 5KB