ce0796e22eef10bddbd54b02151770fd411471ffb8f69544040b4ea975d62e01

Sharing

Copy URL Twitter E-mail

General

Target

ce0796e22eef10bddbd54b02151770fd411471ffb8f69544040b4ea975d62e01
Size

276KB
MD5

8c2c1260d424348030c8d86ca8647e2c
SHA1

e00560ea9c29f57dbdb5371c9e2c7cd5e60952c0
SHA256

ce0796e22eef10bddbd54b02151770fd411471ffb8f69544040b4ea975d62e01
SHA512

fcb599c22fb9c564e5b54e8463ecfbcb901504b37a914faa509199f49b89bd1c42917369ac290e1965fc87d1edd22fb2b9b74093da9eb8a7b53d7c6657ffa675
SSDEEP

6144:Z5HI1pRqI0HaIiloPmIWRhoYN5s8ddExL2kB3+A:biR06NBNLHe2WOA

Score

N/A

Malware Config

Signatures

Files

ce0796e22eef10bddbd54b02151770fd411471ffb8f69544040b4ea975d62e01
.exe windows x86

1367d9ae1bd2f3e3b8ee1aa980ca53b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CoUninitialize
CoTaskMemFree

advapi32

SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegOpenKeyW
OpenThreadToken
RegOpenKeyExA
RegDeleteKeyW
RegCloseKey

gdi32

DeleteDC
CreateCompatibleDC
GetDeviceCaps
SelectObject

user32

ReleaseDC
UpdateLayeredWindow
CallNextHookEx
GetPropW
SendInput
DestroyIcon
GetSysColorBrush
DispatchMessageW
EqualRect
DestroyWindow
SetWindowsHookExW
FillRect
GetWindowLongW
MonitorFromPoint
GetSystemMetrics
GetThreadDesktop
EnumDisplayMonitors
OpenDesktopW
IsWindow
GetDC
SetWindowLongW
GetAncestor
DrawIconEx
CloseDesktop
GetUserObjectInformationW
OpenInputDesktop

atl

ord20
ord44
ord58
ord17
ord18
ord16

hid

HidP_GetUsages
HidD_GetHidGuid
HidD_GetPreparsedData

setupapi

SetupDiDestroyDeviceInfoList
SetupDiOpenDevRegKey

kernel32

InitializeCriticalSectionAndSpinCount
WaitForSingleObject
WaitForMultipleObjects
CreateMutexW
WaitForMultipleObjectsEx
GlobalDeleteAtom
SetPriorityClass
VirtualAlloc
LeaveCriticalSection
lstrlenW
CreateFileW
lstrcpyW
SetEvent
CancelIo
OpenProcess
MapViewOfFile
SetPriorityClass
SetThreadExecutionState
GetTickCount
CloseHandle
GetProcessWorkingSetSize
LoadLibraryW
HeapAlloc
InitializeCriticalSection
InterlockedDecrement
QueueUserAPC
CreateEventW
VirtualFree
GetLastError

msvcrt

fclose
__set_app_type
_CxxThrowException
_ftol
_wfopen
__wgetmainargs
swscanf
_initterm
exit
_itow
_purecall
_beginthreadex
??3@YAXPAX@Z
wcslen
_cexit
_c_exit
_onexit
__p__fmode
_vsnwprintf
wcscmp
wcstol
_wcmdln
_except_handler3
_exit

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1367d9ae1bd2f3e3b8ee1aa980ca53b1

Headers

DLL Characteristics

File Characteristics

Imports

ole32

advapi32

gdi32

user32

atl

hid

setupapi

kernel32

msvcrt

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 76KB - Virtual size: 75KB

.rsrc Size: 30KB - Virtual size: 560KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 30KB - Virtual size: 560KB