caf5a3feef6c30bae47bcde3b88e7501e1d75e03b1f65443c5673ce6481c65c3

Sharing

Copy URL Twitter E-mail

General

Target

caf5a3feef6c30bae47bcde3b88e7501e1d75e03b1f65443c5673ce6481c65c3
Size

120KB
MD5

3f7100600d22ce2943c67b8c2a09aac0
SHA1

8cea2d82224bc3c52789e44a1528009eb7529e98
SHA256

caf5a3feef6c30bae47bcde3b88e7501e1d75e03b1f65443c5673ce6481c65c3
SHA512

5cd9e38eaf4cffcaa7dac5ec063f4ab7635f3afdd7dd94a6af05b514184366e6eff29e6cee9774c8b36dbab98931b2a0d464bf2eec3a2cd72b1f64c62219803a
SSDEEP

1536:W2f3pg/Kwk4y4RaGuCJjULBqbGtDGZeolTlBDGIglhy05WVM/8+NZ70m:XfRwtVuO4LnDZolTqIg3KM/JNZ70

Score

N/A

Malware Config

Signatures

Files

caf5a3feef6c30bae47bcde3b88e7501e1d75e03b1f65443c5673ce6481c65c3
.dll windows x86

74140e012fdcb2d0c8c20f4bd9929e20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
lstrcmpW
LoadLibraryW
FreeLibrary
GetProcAddress
CloseHandle
lstrlenW
LocalAlloc
LocalFree
FormatMessageW
GetModuleFileNameW
CreateEventW
CreateMutexW
GetStringTypeA
LCMapStringW
TlsGetValue
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
HeapAlloc
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
TlsSetValue
TlsAlloc
GetCommandLineA
UnhandledExceptionFilter
Sleep
InterlockedCompareExchange
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
InterlockedExchange
GetLocaleInfoW
GetCurrentProcessId
VirtualProtect
LCMapStringA
GetStdHandle
SetHandleCount
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
RtlUnwind
GetVersion
ExitProcess
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetStringTypeW

user32

GetWindowLongW
SetWindowLongW
DestroyWindow
CreateWindowExW
RegisterClassW
LoadCursorW
FindWindowW
MessageBoxW
MsgWaitForMultipleObjects
PeekMessageW
SetForegroundWindow
BringWindowToTop
ShowWindow
DialogBoxParamW
LoadStringW
SetWindowTextW
CharNextW
SendMessageW
DestroyIcon

advapi32

RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
CryptImportKey
CryptGenRandom
CryptGetUserKey
CryptGetKeyParam
CryptDestroyKey
CryptGetProvParam
RevertToSelf
CryptAcquireContextW
CryptSetProvParam
CryptReleaseContext
RegQueryInfoKeyW
RegQueryValueExW

gdi32

DeleteObject
GetStockObject

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoInitialize
CLSIDFromProgID

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74140e012fdcb2d0c8c20f4bd9929e20

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 48KB - Virtual size: 80KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 48KB - Virtual size: 80KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB