a022913470f988d8c3de3e57989cbc36c405d3c10a2b465e7e23d5ff2af4da59

Sharing

Copy URL Twitter E-mail

General

Target

a022913470f988d8c3de3e57989cbc36c405d3c10a2b465e7e23d5ff2af4da59
Size

61KB
MD5

e2fb22ffba49f72d15b0373d8361dd06
SHA1

509d50d74473252e57c6dd06001d10fff16aa6c2
SHA256

a022913470f988d8c3de3e57989cbc36c405d3c10a2b465e7e23d5ff2af4da59
SHA512

2e1a11e05c863e3e31ddf68e33bfd3b35e324ce07fd33976166a80a7a6ad9d109614099e112305eb509d14383297ce6e9ccb3e32ed58bc483f874862209f763f
SSDEEP

1536:VPgRl5PhJiyNLKsyXe/DaaMvzgp64tjafE:V4RhJiyoXebazvzgp6Waf

Score

N/A

Malware Config

Signatures

Files

a022913470f988d8c3de3e57989cbc36c405d3c10a2b465e7e23d5ff2af4da59
.dll windows x86

9eb7285a52b5877c6ba1a059d8128899

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetModuleHandleA
GetPriorityClass
GetPrivateProfileStructA
WaitForMultipleObjects
CloseHandle
lstrlenW
GetCurrentDirectoryA
GetFileSize
FindFirstFileA
WritePrivateProfileStructA
SetFilePointer
CreateFileA
SetCurrentDirectoryA
lstrlenA
GetCurrentProcess
VirtualQueryEx
VirtualProtectEx
WriteProcessMemory
ResumeThread
GetModuleFileNameA
GetCurrentProcessId
OpenProcess
FindNextFileA
GetProcAddress
CreateFileMappingA
VirtualFree
GetComputerNameA
GlobalAlloc
lstrcpyA
GlobalUnlock
LoadLibraryA
lstrcatA
TerminateProcess
MapViewOfFile
ReadFile
SetPriorityClass
WideCharToMultiByte
GlobalLock
WaitForSingleObject
CreatePipe
CreateProcessA
VirtualQuery
UnmapViewOfFile
ReadProcessMemory
VirtualAlloc
Sleep
OutputDebugStringA
FindClose

msvcrt

sprintf
free
toupper
strchr
mktime
realloc
malloc

gdi32

SetBkMode
DeleteObject
SelectObject
SetTextColor
GetDeviceCaps

user32

CheckMenuRadioItem
ShowWindow
CreatePopupMenu
GetParent
SetWindowTextA
TrackPopupMenu
GetCursorPos
GetActiveWindow
SetClassLongA
ScreenToClient
IsZoomed
DestroyCursor
IsDlgButtonChecked
SetForegroundWindow
GetDlgItemTextA
SetDlgItemTextA
CloseClipboard
CheckDlgButton
wsprintfA
SendDlgItemMessageA
CharUpperA
GetDlgItem
MessageBeep
GetClipboardData
SendMessageA
GetClassInfoA
LoadIconA
CallWindowProcA
InvalidateRect
AppendMenuA
IsIconic
SetWindowLongA
KillTimer
GetAsyncKeyState
EnableWindow

kbdpanui

_FDscale
_Getcoll
_FDtest
_LDtest
_Inf
_Rteps
_FRteps
_Nan
_FEps
_Dtest
_Snan
_LPoly
_LSnan
_FDenorm
_Tolower
_LEps
_LDscale
_LRteps
_Wcrtomb
_Dnorm
_FCosh
_LCosh
_Poly
_Exp
_LInf
_Eps
_LDenorm
_Hugeval
_Stof
_FExp
_LExp
_Getctype
_FSinh
_Sinh
_FDnorm

imagehlp

BindImageEx

advapi32

RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
LookupPrivilegeValueA
RegCloseKey

comdlg32

GetOpenFileNameA

Exports

Exports

CreateProcessNotify
DllClientCleanup
doskrsh
DllClientStartup

Sections

.text
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9eb7285a52b5877c6ba1a059d8128899

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

kbdpanui

imagehlp

advapi32

comdlg32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 52KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 51KB - Virtual size: 52KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB