bae0b9b6919b298b72fd320fb3af90dcc8a41a73df06b274ad90d539ff665117

Sharing

Copy URL Twitter E-mail

General

Target

bae0b9b6919b298b72fd320fb3af90dcc8a41a73df06b274ad90d539ff665117
Size

253KB
MD5

771457046e0099bf8ef9c3f1e141f064
SHA1

7e5e605df07b967cea763cc8cb781fc778a7abed
SHA256

bae0b9b6919b298b72fd320fb3af90dcc8a41a73df06b274ad90d539ff665117
SHA512

e926bd786ecdf1bcede16a4ce7324f20e63ad83094c6f7ecb62012af5bc74eba513be6b066acf5fb00ef1340dc58064c4e25514fe088ceb688b57e84d7a8d52b
SSDEEP

6144:3yXyefE1E2H4aUpJhxnmrLSIAnUsa5Ve9Ul8rGlWJc6Q17hizYvu:3SfE/KhxmrvAIPRlm3kW

Score

N/A

Malware Config

Signatures

Files

bae0b9b6919b298b72fd320fb3af90dcc8a41a73df06b274ad90d539ff665117
.exe windows x86

73a5d373d9bd69bbc05090c025d319aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
WaitForSingleObject
CreateMutexA
WaitForMultipleObjects
CreateEventA
CreateThread
DisableThreadLibraryCalls
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
FlushInstructionCache
FindNextFileA
SetFileAttributesA
FindFirstFileA
GetTempPathA
FindClose
DeleteFileA
lstrcmpA
lstrcatA
lstrcpyA
WritePrivateProfileStringA
ReleaseMutex
DeleteFileW
GetTempFileNameW
CreateDirectoryW
GetTempPathW
WaitForSingleObjectEx
GetLocalTime
VirtualAlloc
VirtualFree
WriteFile
SetFilePointer
CreateMutexW
FlushFileBuffers
CreateFileA
ReadFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
OutputDebugStringA
CreateFileW
GetCurrentThreadId
CloseHandle
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
LeaveCriticalSection
EnterCriticalSection
lstrcmpiA
lstrlenA
DeleteCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
GetOEMCP
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
HeapDestroy
GetCommandLineA
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
GetACP
GetThreadLocale
GetProcAddress

user32

UnionRect
UnregisterClassA
CharNextA
SetCursor
LoadCursorA
MessageBoxA
GetForegroundWindow
DestroyWindow
DefWindowProcA
SetWindowLongA
GetWindowLongA
ShowWindow
wsprintfA
GetKeyState
InvalidateRect
IsWindow
GetParent
GetFocus
IsChild
SetFocus
PtInRect
CallWindowProcA
GetClientRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
GetDC
ReleaseDC

gdi32

LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateDCA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
SetTextAlign
TextOutA
GetDeviceCaps
CreateMetaFileA

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenCurrentUser
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

WriteClassStm
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
OleLoadFromStream
CreateOleAdviseHolder
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
OleSaveToStream
CreateDataAdviseHolder

oleaut32

OleCreatePropertyFrame
LoadRegTypeLi
VariantChangeType
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
DispCallFunc
VariantInit
VarUI4FromStr
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantClear
SysFreeString
SysStringLen

w32topl

ToplListCreate

kbdmon

KbdLayerDescriptor

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.p
Size: 1024B - Virtual size: 1010B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wNCX
Size: 512B - Virtual size: 305B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CAkRiL
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ELkpqd
Size: 512B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.h
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YG
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73a5d373d9bd69bbc05090c025d319aa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

w32topl

kbdmon

Sections

.text Size: 18KB - Virtual size: 18KB

.p Size: 1024B - Virtual size: 1010B

.t Size: 1KB - Virtual size: 1KB

.wNCX Size: 512B - Virtual size: 305B

.rdata Size: 5KB - Virtual size: 4KB

.CAkRiL Size: 2KB - Virtual size: 2KB

.ELkpqd Size: 512B - Virtual size: 564B

.h Size: 2KB - Virtual size: 2KB

.data Size: 213KB - Virtual size: 447KB

.YG Size: 2KB - Virtual size: 3KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 18KB - Virtual size: 18KB

.p
Size: 1024B - Virtual size: 1010B

.t
Size: 1KB - Virtual size: 1KB

.wNCX
Size: 512B - Virtual size: 305B

.rdata
Size: 5KB - Virtual size: 4KB

.CAkRiL
Size: 2KB - Virtual size: 2KB

.ELkpqd
Size: 512B - Virtual size: 564B

.h
Size: 2KB - Virtual size: 2KB

.data
Size: 213KB - Virtual size: 447KB

.YG
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 6KB - Virtual size: 6KB