7c654cb6d4dbb6749f0f04e6aaac4902d940e1c004e8204e71f32708a3c52703

Sharing

Copy URL Twitter E-mail

General

Target

7c654cb6d4dbb6749f0f04e6aaac4902d940e1c004e8204e71f32708a3c52703
Size

60KB
MD5

c7b01dcd9e3ea31789f47b12ab6f8680
SHA1

0848d74c0f366fdb1d53c747d7e7a22c7dd897aa
SHA256

7c654cb6d4dbb6749f0f04e6aaac4902d940e1c004e8204e71f32708a3c52703
SHA512

1382b717962e5bf58b8331367cf47701a41e0cb70d749903b498f741336838b4ac85c4ad3c285ed6bc100072e07697c6a119b3360a4e9992b332378e61cffd46
SSDEEP

768:cvN1gDtgywNCsZucRnPerxpt6kqM/OF9FAAvYhmGR5jepl/tsOfG/+DPLzYbekDw:UPZjg/GOQbGR5OWOcckhwemqsSC

Score

N/A

Malware Config

Signatures

Files

7c654cb6d4dbb6749f0f04e6aaac4902d940e1c004e8204e71f32708a3c52703
.dll windows x86

72b639bf29c90987230dd167a4e5885f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
lstrcpynA
CreateEventA
GetVersionExA
lstrcmpA
VirtualAlloc
VirtualFree
lstrcmpiA
FreeLibrary
LoadLibraryA
GetSystemDirectoryA
GetSystemTime
MoveFileA
GetCurrentThreadId
WritePrivateProfileStringA
GetWindowsDirectoryA
MoveFileExA
GetTempPathA
ReleaseMutex
GetTickCount
GetVersion
GetVolumeInformationA
SetEvent
GetFileSize
SystemTimeToFileTime
GetProcessHeap
HeapFree
ReadFile
HeapAlloc
GetTempFileNameA
DeleteFileA
GlobalAlloc
VirtualQueryEx
GetThreadContext
GlobalFree
TerminateProcess
ResumeThread
RtlUnwind
VirtualQuery
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
ExitProcess
WaitForSingleObject
CreateMutexA
OpenProcess
lstrcpyA
lstrcatA
lstrlenA
GetModuleHandleA
GetProcAddress
GetLastError
RaiseException
GetLocaleInfoA
GetModuleFileNameA

user32

LoadIconA
DefWindowProcA
GetWindowTextA
CloseDesktop
SetThreadDesktop
GetThreadDesktop
OpenInputDesktop
MessageBoxA
LoadCursorA
FindWindowA
SetWindowsHookExA
PostMessageA
FindWindowExA
GetWindowThreadProcessId
InflateRect
ClientToScreen
GetCursorPos
IsWindowVisible
GetFocus
RegisterClassExA
CreateWindowExA
GetMessageA
TranslateMessage
CallNextHookEx
wsprintfA
EqualRect
DispatchMessageA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA
RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
OpenProcessToken
CreateProcessAsUserA

shlwapi

SHDeleteKeyA
SHDeleteValueA
SHGetValueA
SHSetValueA

gdi32

GetBkColor
GetBkMode

Exports

Exports

SSaPJOP
kWfzsBkQx
pyvIMz
rUfVTjtHH
ufsuge

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72b639bf29c90987230dd167a4e5885f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1KB - Virtual size: 13KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 13KB

.reloc
Size: 3KB - Virtual size: 2KB