9047bff7e0841e0cd98d337aea7c1fb88012d186d2dbad38ac762c63e4e91845

Sharing

Copy URL Twitter E-mail

General

Target

9047bff7e0841e0cd98d337aea7c1fb88012d186d2dbad38ac762c63e4e91845
Size

152KB
MD5

16271638dfad1975a053421c063c276c
SHA1

660001875d7db22877bdc67970de39ac467eb99d
SHA256

9047bff7e0841e0cd98d337aea7c1fb88012d186d2dbad38ac762c63e4e91845
SHA512

5f8908d791e1f7879cc74c3b0408a59587fcdeee6ae12989cf15a5cfa70907ffb9e8dece01b2e48f54e4812b4a4b80db47176a8af97faffc8e89efdc77311e81
SSDEEP

3072:U0cUDS1v87h+0FOgWdiTw8rgynbhAe5nccMk+:cUDJk0Fw8lOeV3+

Score

N/A

Malware Config

Signatures

Files

9047bff7e0841e0cd98d337aea7c1fb88012d186d2dbad38ac762c63e4e91845
.dll windows x86

a5d0e5125071b1e18e8bcfb2cf2f8358

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GlobalAlloc
GetProcessHeap
OpenFileMappingA
GetLastError
SetLastError
ExitProcess
LocalFree
UnmapViewOfFile
CreateFileMappingA
GetComputerNameA
GetCurrentProcess
LoadLibraryA
InterlockedCompareExchange
OpenEventA
InterlockedIncrement
CreateProcessA
HeapAlloc
CreateEventA
GetCommandLineA
EnterCriticalSection
TerminateProcess
WaitForSingleObject
CreateDirectoryA
WriteProcessMemory
GlobalFree
HeapFree
LeaveCriticalSection
ReadProcessMemory
WriteFile
Sleep
GetTickCount
CloseHandle
CreateFileA
GetVolumeInformationA
CreateMutexW
GetProcAddress
InterlockedDecrement
GetModuleFileNameA
GetModuleHandleA
MapViewOfFile

ole32

OleCreate
CoSetProxyBlanket
CoCreateGuid
OleSetContainedObject
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateInstance

user32

TranslateMessage
DestroyWindow
GetWindow
GetCursorPos
RegisterWindowMessageA
SetWindowLongA
KillTimer
PostQuitMessage
CreateWindowExA
GetWindowLongA
FindWindowA
ScreenToClient
GetParent
PeekMessageA
SendMessageA
GetWindowThreadProcessId
DefWindowProcA
GetClassNameA
UnhookWindowsHookEx
ClientToScreen
GetMessageA
SetTimer
SetWindowsHookExA
DispatchMessageA
GetSystemMetrics

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen
SysStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

GetUserNameA
RegDeleteValueA
RegDeleteKeyA
DuplicateTokenEx
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
SetTokenInformation
RegOpenKeyExA
OpenProcessToken

shell32

SHGetFolderPathA

Exports

Exports

kbdMaindrv

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5d0e5125071b1e18e8bcfb2cf2f8358

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 984B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 984B

.reloc
Size: 8KB - Virtual size: 6KB