e0040f6d4a9fa77da6f97890e45ee30058bcd22ad23076483222f16d08c57e44

Sharing

Copy URL Twitter E-mail

General

Target

e0040f6d4a9fa77da6f97890e45ee30058bcd22ad23076483222f16d08c57e44
Size

49KB
MD5

f11b217d3d86473f50e16c9e0185e8ce
SHA1

cdfadc2a6569853f2bf8b14f35cef5eb8e21c1cf
SHA256

e0040f6d4a9fa77da6f97890e45ee30058bcd22ad23076483222f16d08c57e44
SHA512

b8f26a102f421be56a65d0880516157e19ddc5c1ab1d8e569924bc0ea1e60de7672f0c01329581aecde3d4ae701eca85d5d14a0da2af6ab490bde339bf925253
SSDEEP

384:sl5Z5dNSxuhF2Yw07gx9YlNMbxwaL5k4bbP0u3qV2CHABNM7t7mqiDUX+onWchfx:0j/fF2TIKbSiLbD0uaV2fEWoHVx

Score

N/A

Malware Config

Signatures

Files

e0040f6d4a9fa77da6f97890e45ee30058bcd22ad23076483222f16d08c57e44
.dll windows x86

a0d1396d353e51fc6b1bf904419f3e4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free
fread
fwrite
_stricmp
sprintf
fopen
fseek
strstr
fclose
_strcmpi

oleacc

AccessibleObjectFromWindow

kernel32

lstrlenA
WideCharToMultiByte
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
ReadProcessMemory
Module32Next
Module32First
CreateToolhelp32Snapshot
Process32Next
Process32First
GetCurrentThreadId
ReleaseMutex
CreateMutexA
GetVersionExA
Sleep
CloseHandle
GetCurrentProcess
GetLastError
OpenProcess
CreateThread
OpenMutexA

user32

EnumWindows
ExitWindowsEx
SendMessageA
GetParent
PostMessageA
IsWindowVisible
GetWindowRect
ShowWindow
GetWindowThreadProcessId
FindWindowExA
ScreenToClient
CloseDesktop
SetThreadDesktop
OpenDesktopA
CloseWindowStation
SetProcessWindowStation
OpenWindowStationA
GetThreadDesktop
GetProcessWindowStation
SetWindowTextA
GetDC
SetWindowPos
FindWindowA
GetClassNameA
IsZoomed
ReleaseDC
GetWindowTextA
GetWindow

gdi32

SetTextCharacterExtra
GetPixel
SetBkColor
SetTextColor
CreateFontA
SelectObject
DeleteObject
TextOutA

advapi32

AdjustTokenPrivileges
RegisterServiceCtrlHandlerA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
SetServiceStatus
OpenProcessToken
LookupPrivilegeValueA

ole32

CoInitialize

oleaut32

SysFreeString
VariantClear
VariantInit

Exports

Exports

Mywork
ServiceMain

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0d1396d353e51fc6b1bf904419f3e4c

Headers

File Characteristics

Imports

msvcrt

oleacc

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 24KB

.rsrc Size: 1024B - Virtual size: 912B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 24KB

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 5KB - Virtual size: 4KB