c483fc44f911b9ae4b1ae51339545675e239b92cceed41ec3965774348eabe22

Sharing

Copy URL

Twitter E-mail

General

Target

c483fc44f911b9ae4b1ae51339545675e239b92cceed41ec3965774348eabe22
Size

277KB
MD5

36de3949b474d87c100a155fff099b66
SHA1

89eaf37e1e937dbd250939ff597402b166a0a9d0
SHA256

c483fc44f911b9ae4b1ae51339545675e239b92cceed41ec3965774348eabe22
SHA512

e20ba37ee34bc8ad9b0b661d015e8164ade510496c70327921d9fbaecc3b92d138ba3a5797b9a77a5dba838450d17311dcc9821847751f6d2384525c795b9b87
SSDEEP

6144:L0iySEtjVj6nZ38u3rcbsvrpe/SMV7lORvHEdBBgXruA++I+:LbyS2VKZ3XrTrQv8ZE6q8

Score

N/A

Malware Config

Signatures

Files

c483fc44f911b9ae4b1ae51339545675e239b92cceed41ec3965774348eabe22
.exe windows x86

d836292cf7fc14bb176396d4655277c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

fputws
__set_app_type
_itow
_CIpow
_controlfp
_initterm
fclose
_c_exit
_wfopen
wcscpy
??1type_info@@UAE@XZ
wcscmp
wcslen
malloc
_ftol
free
_cexit
_except_handler3
__dllonexit
_CxxThrowException

advapi32

CopySid
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyW
GetTokenInformation
RegEnumKeyW
RegCloseKey
SetSecurityDescriptorOwner
GetLengthSid
RegSetValueExW
RegQueryValueExA

atl

ord20
ord43
ord18
ord23
ord44

setupapi

SetupDiEnumDeviceInterfaces

user32

SystemParametersInfoW
OpenInputDesktop
CharNextW
LoadImageW
GetDC
GetClientRect
ClientToScreen
GetMonitorInfoW
UnregisterDeviceNotification
GetMessageW
MoveWindow
GetAncestor
GetDesktopWindow
GetSystemMetrics
ShowWindow
IntersectRect
InflateRect
GetThreadDesktop
ReleaseDC
MonitorFromWindow
SetWindowsHookExW
PtInRect
OpenDesktopW
CallNextHookEx
RegisterWindowMessageW
LoadStringW
GetSysColorBrush
GetWindowLongW

kernel32

GetStartupInfoW
lstrcpyW
SetThreadPriority
SetThreadExecutionState
GetCurrentProcess
QueryPerformanceFrequency
GetProcessShutdownParameters
CreateEventW
GetCurrentThread
QueryPerformanceCounter
GetProcessHeap
VirtualFree
ResetEvent
SetWaitableTimer
CreateWaitableTimerW
FlushInstructionCache
GetTickCount
WaitForMultipleObjectsEx
CloseHandle
ReadFile
GetOverlappedResult
DeleteCriticalSection
SetPriorityClass
SetPriorityClass
QueueUserAPC
VerifyVersionInfoW
VirtualAllocEx
WaitForMultipleObjects
FreeLibrary
GetCommandLineW
GlobalAddAtomW
InterlockedDecrement
OpenEventW
EnterCriticalSection

ole32

CoTaskMemFree
CoInitializeEx
CoInitializeSecurity

gdi32

CreateSolidBrush
CreateCompatibleBitmap
SelectObject
GetDeviceCaps

hid

HidP_GetUsageValue
HidD_FreePreparsedData
HidD_GetHidGuid
HidP_GetSpecificValueCaps
HidP_MaxUsageListLength

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d836292cf7fc14bb176396d4655277c2

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

atl

setupapi

user32

kernel32

ole32

gdi32

hid

Sections

.text Size: 173KB - Virtual size: 173KB

.data Size: 74KB - Virtual size: 74KB

.rsrc Size: 28KB - Virtual size: 536KB

.text
Size: 173KB - Virtual size: 173KB

.data
Size: 74KB - Virtual size: 74KB

.rsrc
Size: 28KB - Virtual size: 536KB