9124684b51f5b4f8e71daa331109aabc3fffa4ba4566524f179f93bdd79ebc4d

Sharing

Copy URL Twitter E-mail

General

Target

9124684b51f5b4f8e71daa331109aabc3fffa4ba4566524f179f93bdd79ebc4d
Size

148KB
MD5

c6ef3251ebce4936b2402863f3d3a550
SHA1

67502305040bddfdd307e5e26c1ca4ae27d32cf2
SHA256

9124684b51f5b4f8e71daa331109aabc3fffa4ba4566524f179f93bdd79ebc4d
SHA512

f3dd0617157b4dd53416d76a3a35bab15b4be9487e442222a229da0c5a5c97ff8c68d43d7b2bc78844d5ddfd762952cddf1d73c203aec4b26cbcf8ba79a5b806
SSDEEP

3072:4eypPb5hfZBmbRxP1P0kMk/ZcN/J9h0Zb0TCqsQjq53:4eypPb5hf/SrP90kRI96ijr+53

Score

N/A

Malware Config

Signatures

Files

9124684b51f5b4f8e71daa331109aabc3fffa4ba4566524f179f93bdd79ebc4d
.dll windows x86

e2aaec7acf7185b3029d2979e8ef95a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
WriteProcessMemory
CreateDirectoryA
WriteFile
GetTickCount
CopyFileA
WaitForSingleObject
OpenEventA
GetCommandLineA
GetModuleFileNameA
CreateEventA
LocalFree
CloseHandle
GetLastError
LeaveCriticalSection
UnmapViewOfFile
ReadProcessMemory
InterlockedIncrement
InterlockedCompareExchange
GetProcAddress
GetVolumeInformationA
HeapAlloc
GetComputerNameA
GlobalFree
InterlockedDecrement
Sleep
CreateMutexW
MapViewOfFile
EnterCriticalSection
TerminateProcess
LoadLibraryA
GetModuleHandleA
CreateFileA
CreateFileMappingA
GetProcessHeap
SetLastError
CreateProcessA
OpenFileMappingA
GetCurrentProcess
HeapFree
GlobalAlloc

ole32

CoTaskMemAlloc
CoInitialize
CoSetProxyBlanket
OleCreate
CoUninitialize
CoCreateInstance
OleSetContainedObject
CoCreateGuid

user32

KillTimer
RegisterWindowMessageA
PeekMessageA
UnhookWindowsHookEx
GetMessageA
DefWindowProcA
GetWindowThreadProcessId
TranslateMessage
SetWindowLongA
GetParent
GetSystemMetrics
GetCursorPos
CreateWindowExA
SetTimer
GetWindow
PostQuitMessage
DestroyWindow
DispatchMessageA
ScreenToClient
SendMessageA
ClientToScreen
FindWindowA
SetWindowsHookExA
GetWindowLongA
GetClassNameA

oleaut32

SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

SetTokenInformation
OpenProcessToken
RegDeleteValueA
RegDeleteKeyA
GetUserNameA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
DuplicateTokenEx
RegCreateKeyExA

shell32

SHGetFolderPathA

Exports

Exports

confNetSnap

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 969B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hmdvs
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2aaec7acf7185b3029d2979e8ef95a0

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 114KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 969B

hmdvs Size: 4KB - Virtual size: 8B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 116KB - Virtual size: 114KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 969B

hmdvs
Size: 4KB - Virtual size: 8B

.reloc
Size: 8KB - Virtual size: 6KB