8af8e026ef4e9b73761e7f4791414a0fc63b6de6a4b08bdc318befd1333c23c4

Sharing

Copy URL Twitter E-mail

General

Target

8af8e026ef4e9b73761e7f4791414a0fc63b6de6a4b08bdc318befd1333c23c4
Size

128KB
MD5

fca28550e1952a01ca801630f587e3a0
SHA1

94f49b56bbc90a68680d057dcba183940cb777d7
SHA256

8af8e026ef4e9b73761e7f4791414a0fc63b6de6a4b08bdc318befd1333c23c4
SHA512

2f4de335174e7e7877390506f533508ccd4c82b17af161e05b8ef810c67433bb0a2b2216d8ec349fb8654f7e47dc48142683e4701a071a21c1c78bcbece76c26
SSDEEP

3072:1rYDPPS7g3aSTFx/1L3+p/Cm5Tet+QE026GHkKLLH5qyhB:10zK7g35n1LZm5Tet+X02vHfH5qyhB

Score

N/A

Malware Config

Signatures

Files

8af8e026ef4e9b73761e7f4791414a0fc63b6de6a4b08bdc318befd1333c23c4
.dll windows x86

3d994622a3aa8510eb587b736e3dda2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
ResetEvent
SetEvent
CreateEventW
CloseHandle
lstrcpynW
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
ReleaseSemaphore
lstrcmpW
GetCurrentProcess
GetCurrentThreadId
CreateSemaphoreW
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
GetSystemTimeAsFileTime
FreeLibrary
InterlockedIncrement
GetModuleFileNameA
GetLastError
lstrlenA
MultiByteToWideChar
lstrlenW
DisableThreadLibraryCalls
GetVersionExW
MulDiv
CreateThread
GetTickCount
SetThreadPriority
InterlockedExchange
lstrcpyW
GetModuleHandleW
GetProcAddress
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoA
GetCurrentDirectoryA
ExitThread
GetModuleHandleA
InterlockedDecrement
ExitProcess

user32

wsprintfW
CheckRadioButton
SendDlgItemMessageW
IsDlgButtonChecked
IsRectEmpty
LoadStringW
GetDesktopWindow
GetWindowLongW
SetWindowLongW
CreateDialogParamW
MoveWindow
InvalidateRect
ShowWindow
DestroyWindow
DefWindowProcW
GetWindowRect

advapi32

RegCloseKey
RegCreateKeyExW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExW

ole32

CoCreateInstance
CoTaskMemFree
CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2
CoInitialize
CoTaskMemAlloc

msvcrt

_vsnprintf

winmm

timeGetTime

Exports

Exports

AnyDoInstances

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d994622a3aa8510eb587b736e3dda2e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

winmm

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 44KB - Virtual size: 104KB

.rsrc Size: 24KB - Virtual size: 20KB

.reloc Size: 4KB - Virtual size: 674B

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 44KB - Virtual size: 104KB

.rsrc
Size: 24KB - Virtual size: 20KB

.reloc
Size: 4KB - Virtual size: 674B