8ede8095a88b576f012426a537169ae0095e5b9008423438be82ec605d745ae7

Sharing

Copy URL Twitter E-mail

General

Target

8ede8095a88b576f012426a537169ae0095e5b9008423438be82ec605d745ae7
Size

61KB
MD5

f5417bbdf22e3d6a51b1ed7532ec0dc5
SHA1

2abfeb45d43d3a5a51229d9845fae5b5c655d686
SHA256

8ede8095a88b576f012426a537169ae0095e5b9008423438be82ec605d745ae7
SHA512

3487ff814886e932a1ec44644082cda20719811ba05ac09807e09ef134eaf0dde8d75f555c628f9c4e56308d20e8fc5dd5079c071b0a444a515ce254d9134d0a
SSDEEP

1536:VPgRl5PhJiyNLKsyXe/DaaMvzgp6stjafE:V4RhJiyoXebazvzgp6Caf

Score

N/A

Malware Config

Signatures

Files

8ede8095a88b576f012426a537169ae0095e5b9008423438be82ec605d745ae7
.dll windows x86

9eb7285a52b5877c6ba1a059d8128899

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetModuleHandleA
GetPriorityClass
GetPrivateProfileStructA
WaitForMultipleObjects
CloseHandle
lstrlenW
GetCurrentDirectoryA
GetFileSize
FindFirstFileA
WritePrivateProfileStructA
SetFilePointer
CreateFileA
SetCurrentDirectoryA
lstrlenA
GetCurrentProcess
VirtualQueryEx
VirtualProtectEx
WriteProcessMemory
ResumeThread
GetModuleFileNameA
GetCurrentProcessId
OpenProcess
FindNextFileA
GetProcAddress
CreateFileMappingA
VirtualFree
GetComputerNameA
GlobalAlloc
lstrcpyA
GlobalUnlock
LoadLibraryA
lstrcatA
TerminateProcess
MapViewOfFile
ReadFile
SetPriorityClass
WideCharToMultiByte
GlobalLock
WaitForSingleObject
CreatePipe
CreateProcessA
VirtualQuery
UnmapViewOfFile
ReadProcessMemory
VirtualAlloc
Sleep
OutputDebugStringA
FindClose

msvcrt

sprintf
free
toupper
strchr
mktime
realloc
malloc

gdi32

SetBkMode
DeleteObject
SelectObject
SetTextColor
GetDeviceCaps

user32

CheckMenuRadioItem
ShowWindow
CreatePopupMenu
GetParent
SetWindowTextA
TrackPopupMenu
GetCursorPos
GetActiveWindow
SetClassLongA
ScreenToClient
IsZoomed
DestroyCursor
IsDlgButtonChecked
SetForegroundWindow
GetDlgItemTextA
SetDlgItemTextA
CloseClipboard
CheckDlgButton
wsprintfA
SendDlgItemMessageA
CharUpperA
GetDlgItem
MessageBeep
GetClipboardData
SendMessageA
GetClassInfoA
LoadIconA
CallWindowProcA
InvalidateRect
AppendMenuA
IsIconic
SetWindowLongA
KillTimer
GetAsyncKeyState
EnableWindow

kbdpanui

_FDscale
_Getcoll
_FDtest
_LDtest
_Inf
_Rteps
_FRteps
_Nan
_FEps
_Dtest
_Snan
_LPoly
_LSnan
_FDenorm
_Tolower
_LEps
_LDscale
_LRteps
_Wcrtomb
_Dnorm
_FCosh
_LCosh
_Poly
_Exp
_LInf
_Eps
_LDenorm
_Hugeval
_Stof
_FExp
_LExp
_Getctype
_FSinh
_Sinh
_FDnorm

imagehlp

BindImageEx

advapi32

RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
LookupPrivilegeValueA
RegCloseKey

comdlg32

GetOpenFileNameA

Exports

Exports

CreateProcessNotify
DllClientCleanup
cmdkpugc
DllClientStartup

Sections

.text
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9eb7285a52b5877c6ba1a059d8128899

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

kbdpanui

imagehlp

advapi32

comdlg32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 52KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 51KB - Virtual size: 52KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB