f19bef3e5fcceb8ade2a04d12f89684aad6bd5e76e3e1aa989482a8578d2fc27

Sharing

Copy URL Twitter E-mail

General

Target

f19bef3e5fcceb8ade2a04d12f89684aad6bd5e76e3e1aa989482a8578d2fc27
Size

156KB
MD5

400ad996a5c29e179a06f820a51d2eb1
SHA1

3c89049c13c96351f427966b1250efe8757d090e
SHA256

f19bef3e5fcceb8ade2a04d12f89684aad6bd5e76e3e1aa989482a8578d2fc27
SHA512

949fa9d7dee53ecc04257bcea5fd63b3b360bdd0c8ad4d577cd507c0d1de9cfec02b3ffafb237883893d7cf37dea5e7d86e69cee03bd81c646963185b3244e91
SSDEEP

3072:FJkOMBFhPBMtO/gbC6LZotUpzY34QVyX3jF9ub58kr:FJkgSjSZwUJuYkr

Score

N/A

Malware Config

Signatures

Files

f19bef3e5fcceb8ade2a04d12f89684aad6bd5e76e3e1aa989482a8578d2fc27
.dll windows x86

f62404a92a4cdfecd9ef38bb7f47aca3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
CreateMutexW
CreateFileA
OpenEventA
CreateProcessA
OpenFileMappingA
CreateFileMappingA
GetLastError
CreateEventA
GetModuleFileNameA
GetTickCount
Sleep
GetProcAddress
ReadProcessMemory
HeapAlloc
InterlockedDecrement
UnmapViewOfFile
GetVolumeInformationA
GetCurrentProcess
HeapFree
CopyFileA
GlobalAlloc
WriteFile
GlobalFree
GetCommandLineA
InterlockedCompareExchange
EnterCriticalSection
LoadLibraryA
SetLastError
CloseHandle
TerminateProcess
GetProcessHeap
MapViewOfFile
GetComputerNameA
WaitForSingleObject
CreateDirectoryA
InterlockedIncrement
LocalFree
ExitProcess
WriteProcessMemory
GetModuleHandleA

ole32

CoInitialize
CoTaskMemAlloc
CoCreateGuid
OleSetContainedObject
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
OleCreate

user32

GetWindowLongA
DestroyWindow
GetParent
GetWindowThreadProcessId
SetWindowLongA
DefWindowProcA
GetCursorPos
PostQuitMessage
DispatchMessageA
UnhookWindowsHookEx
ScreenToClient
GetWindow
KillTimer
FindWindowA
ClientToScreen
GetSystemMetrics
RegisterWindowMessageA
SetTimer
SetWindowsHookExA
SendMessageA
GetClassNameA
GetMessageA
TranslateMessage
CreateWindowExA
PeekMessageA

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen
SysStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

GetUserNameA
RegDeleteValueA
RegQueryValueExA
RegCloseKey
SetTokenInformation
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
DuplicateTokenEx
OpenProcessToken
RegDeleteKeyA

shell32

SHGetFolderPathA

Exports

Exports

DevobjPort

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f62404a92a4cdfecd9ef38bb7f47aca3

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 124KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 984B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 128KB - Virtual size: 124KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 984B

.reloc
Size: 8KB - Virtual size: 6KB