cbc0a1e3e700dbbcaf818f2fc2131a3c13c9d701ec0d8c097cb092222dbc7827

Sharing

Copy URL Twitter E-mail

General

Target

cbc0a1e3e700dbbcaf818f2fc2131a3c13c9d701ec0d8c097cb092222dbc7827
Size

148KB
MD5

682f5e5e172fef5cf7f92652ee838939
SHA1

dbdc5dabedc7b19528028230826e069f85cd976e
SHA256

cbc0a1e3e700dbbcaf818f2fc2131a3c13c9d701ec0d8c097cb092222dbc7827
SHA512

800c39bf9aabd8dfd1aedee5e68561246c09d9d721c2c1aeb84ff9f8b3e312704f59592230fc612179a1eddf2eb6a620c5dd6ea588ee609087f87e757c339fbe
SSDEEP

3072:0QeKHqtDDbsUpM1KAGTYHf4N9PjByyhfk9ul3fdeQ9sVZLaBC:3eKHqlDxJMHf4bPdH+kl5NBC

Score

N/A

Malware Config

Signatures

Files

cbc0a1e3e700dbbcaf818f2fc2131a3c13c9d701ec0d8c097cb092222dbc7827
.dll windows x86

f3c4626469558b940c2d48ffe3670616

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetLastError
CreateFileA
CreateFileMappingA
CreateMutexW
LoadLibraryA
GetModuleFileNameA
GetProcAddress
EnterCriticalSection
GetCurrentProcess
GetModuleHandleA
InterlockedDecrement
UnmapViewOfFile
WriteProcessMemory
GetTickCount
TerminateProcess
CreateDirectoryA
GetVolumeInformationA
CloseHandle
ExitProcess
SetLastError
InterlockedCompareExchange
OpenFileMappingA
WaitForSingleObject
GlobalAlloc
MapViewOfFile
InterlockedIncrement
CreateEventA
CopyFileA
CreateProcessA
WriteFile
LeaveCriticalSection
HeapAlloc
GetProcessHeap
GetComputerNameA
HeapFree
LocalFree
OpenEventA
GlobalFree
ReadProcessMemory
Sleep

ole32

OleSetContainedObject
OleCreate
CoCreateInstance
CoInitialize
CoUninitialize
CoSetProxyBlanket
CoTaskMemAlloc
CoCreateGuid

user32

CreateWindowExA
GetCursorPos
TranslateMessage
SetTimer
GetParent
ScreenToClient
PostQuitMessage
GetClassNameA
UnhookWindowsHookEx
GetWindow
SetWindowsHookExA
DefWindowProcA
SetWindowLongA
ClientToScreen
DestroyWindow
GetSystemMetrics
SendMessageA
GetWindowLongA
GetWindowThreadProcessId
FindWindowA
KillTimer
DispatchMessageA
RegisterWindowMessageA
PeekMessageA
GetMessageA

oleaut32

SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString

shlwapi

StrStrIW
UrlUnescapeW

advapi32

OpenProcessToken
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
DuplicateTokenEx
RegCreateKeyExA
SetTokenInformation
RegCloseKey
GetUserNameA
RegDeleteValueA

shell32

SHGetFolderPathA

Exports

Exports

xpWIvga

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3c4626469558b940c2d48ffe3670616

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB