8f35f9d4cef60b2556c5de408f295cac6f04f39ca48b606882ff0fa3736e0eee

Sharing

Copy URL Twitter E-mail

General

Target

8f35f9d4cef60b2556c5de408f295cac6f04f39ca48b606882ff0fa3736e0eee
Size

22KB
MD5

bfba3cecaa796b256f657dee4220a33e
SHA1

2bd33b29a580e73da0fdbf5a3b834468c17e7b18
SHA256

8f35f9d4cef60b2556c5de408f295cac6f04f39ca48b606882ff0fa3736e0eee
SHA512

b53068e494c7de6b42057bc7b773fad83ef8f4c5c44520a137e391fc739da2f7a66f5c5da0392271777b1edc804213b86e5dee8c8517f2faa8c8ae898fd4282c
SSDEEP

384:c33sYwS0c6/ASEAElv7PA69qbcY2sX2BVN2FmPDxq0BislLpp7yO:cnSDQP9QcY2whFmPxBvlK

Score

N/A

Malware Config

Signatures

Files

8f35f9d4cef60b2556c5de408f295cac6f04f39ca48b606882ff0fa3736e0eee
.dll windows x86

dac354d0fb66ebadd91aa7726e1e51b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
WriteFile
Sleep
GetLastError
LoadLibraryA
OpenProcess
GetFileSize
lstrcmpA
CreateEventA
GetLocaleInfoA
GetModuleHandleA
CreateProcessA
FreeLibrary
GetSystemDirectoryA
GetCurrentThreadId
lstrcatA
GetVersionExA
WaitForSingleObject
lstrcmpiA
GetProcAddress
GetTempPathA
VirtualAlloc
VirtualFree
CopyFileA
GetProcessHeap
ReadProcessMemory
ReadFile
VirtualProtectEx
GetTempFileNameA
WriteProcessMemory
DeleteFileA
HeapAlloc
HeapFree
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
VirtualQuery
RtlUnwind
GetVersion
CloseHandle
GetTickCount
CreateMutexA
GetModuleFileNameA
FindAtomA
GetLocalTime
lstrlenA
lstrcpyA
CreateFileA
IsDebuggerPresent

user32

InflateRect
SetWindowsHookExA
ClientToScreen
GetCursorPos
OpenInputDesktop
GetWindowRect
PostMessageA
EqualRect
IsWindowVisible
FindWindowExA
SetThreadDesktop
CloseDesktop
GetCaretPos
GetWindowThreadProcessId
wsprintfA
GetFocus
FindWindowA
CallNextHookEx
GetThreadDesktop

advapi32

CreateProcessAsUserA
RegEnumValueA
OpenProcessToken
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegQueryValueExA

shlwapi

SHSetValueA
SHGetValueA

Exports

Exports

EvtShutdown
EvtStartup
inst
run
tes

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nor
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dac354d0fb66ebadd91aa7726e1e51b5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 11KB

.nor Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 11KB

.nor
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB