d090fd08cd9adc5e4a56eb3db6951ccb21f5c3bec98bbbcab6eb609e08573833

Sharing

Copy URL

Twitter E-mail

General

Target

d090fd08cd9adc5e4a56eb3db6951ccb21f5c3bec98bbbcab6eb609e08573833
Size

144KB
MD5

dbf9410f2c1bef525681c3290ac9b664
SHA1

54b8e32459979095b9e058605a2bbdcf8d8f9418
SHA256

d090fd08cd9adc5e4a56eb3db6951ccb21f5c3bec98bbbcab6eb609e08573833
SHA512

5ba29206f03370bbd26bcfb82ec7492e7be086fd600079f49419156a3f953983e790eb2b0f5b3bcbdd8c0c5d4d6d0e1d79e4ee24b7e3a5af944fe8bf127c7330
SSDEEP

3072:gXDThSYGx8GuUJceshiiNJvX+o3vM9N6jREwIm991tQ:gHhSr8RUJs4mvSNMRpIm9Lt

Score

N/A

Malware Config

Signatures

Files

d090fd08cd9adc5e4a56eb3db6951ccb21f5c3bec98bbbcab6eb609e08573833
.dll windows x86

026127298fec9a2d74ab26226b9e3878

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
OpenFileMappingA
GetCurrentProcess
UnmapViewOfFile
GetVolumeInformationA
SetLastError
CreateFileA
InterlockedDecrement
GetComputerNameA
HeapAlloc
CreateFileMappingA
WriteProcessMemory
TerminateProcess
CopyFileA
InterlockedCompareExchange
ReadProcessMemory
LocalFree
WriteFile
CreateEventA
GetProcAddress
WaitForSingleObject
GetTickCount
GetProcessHeap
GetLastError
Sleep
GlobalFree
EnterCriticalSection
ExitProcess
CreateProcessA
GlobalAlloc
LeaveCriticalSection
OpenEventA
GetModuleHandleA
MapViewOfFile
CreateMutexW
InterlockedIncrement
GetModuleFileNameA
LoadLibraryA
CloseHandle
GetCommandLineA
CreateDirectoryA

ole32

CoSetProxyBlanket
OleSetContainedObject
CoCreateGuid
OleCreate
CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoUninitialize

user32

GetWindowThreadProcessId
KillTimer
ScreenToClient
GetWindowLongA
GetClassNameA
GetParent
UnhookWindowsHookEx
GetCursorPos
PeekMessageA
FindWindowA
GetWindow
CreateWindowExA
DestroyWindow
PostQuitMessage
DefWindowProcA
DispatchMessageA
SetWindowLongA
ClientToScreen
SendMessageA
TranslateMessage
GetSystemMetrics
SetWindowsHookExA
GetMessageA
RegisterWindowMessageA
SetTimer

oleaut32

SysStringLen
SysAllocString
SysFreeString
SysAllocStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegSetValueExA
RegQueryValueExA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
SetTokenInformation
DuplicateTokenEx
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
GetUserNameA

shell32

SHGetFolderPathA

Exports

Exports

appnetUsb

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

026127298fec9a2d74ab26226b9e3878

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 992B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 992B

.reloc
Size: 8KB - Virtual size: 6KB