eeff993638965488efee53f97c7e1794d8d713bf516f88990d66a28135345206

Sharing

Copy URL Twitter E-mail

General

Target

eeff993638965488efee53f97c7e1794d8d713bf516f88990d66a28135345206
Size

144KB
MD5

b23f634929d130828055060933242d46
SHA1

6a8f8e031cb20f189e8ffa9d6ffcd13c9d6ecc73
SHA256

eeff993638965488efee53f97c7e1794d8d713bf516f88990d66a28135345206
SHA512

496888ed3d75361bcad703912d68568e02a364fe6fad0a103f1b63394a4e79a3b86746627cbcdb4d25626d21a70fa81fccdb925e2ed15138dddbdbb9f84e7eda
SSDEEP

3072:HesfM/RkogOYbHk0V/mmeBxnIDmJWb5fpjGgyAuAB3Hcfx7AsQ+v:++M/RkHOOFV/oJ2sQhgGZB38Z77Q+

Score

N/A

Malware Config

Signatures

Files

eeff993638965488efee53f97c7e1794d8d713bf516f88990d66a28135345206
.dll windows x86

5ced1baa8a145137a05a3b7f8036d81b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
ReadProcessMemory
HeapFree
LoadLibraryA
InterlockedIncrement
GetTickCount
GetProcAddress
CreateFileMappingA
InterlockedCompareExchange
GetLastError
ExitProcess
GetCommandLineA
SetLastError
EnterCriticalSection
UnmapViewOfFile
CloseHandle
LeaveCriticalSection
WriteProcessMemory
CreateDirectoryA
CreateEventA
CopyFileA
GetModuleFileNameA
InterlockedDecrement
GetProcessHeap
GetComputerNameA
WriteFile
LocalFree
GlobalAlloc
GetModuleHandleA
Sleep
WaitForSingleObject
GlobalFree
HeapAlloc
OpenFileMappingA
CreateMutexW
MapViewOfFile
CreateFileA
GetCurrentProcess
TerminateProcess
CreateProcessA
GetVolumeInformationA

ole32

OleCreate
CoCreateInstance
CoSetProxyBlanket
CoUninitialize
OleSetContainedObject
CoCreateGuid
CoTaskMemAlloc
CoInitialize

user32

TranslateMessage
SetWindowsHookExA
GetWindow
SetWindowLongA
CreateWindowExA
UnhookWindowsHookEx
GetCursorPos
PostQuitMessage
GetMessageA
ClientToScreen
KillTimer
FindWindowA
DestroyWindow
RegisterWindowMessageA
ScreenToClient
SetTimer
SendMessageA
DispatchMessageA
GetWindowLongA
GetParent
GetWindowThreadProcessId
PeekMessageA
GetClassNameA
GetSystemMetrics
DefWindowProcA

oleaut32

SysFreeString
SysAllocString
SysStringLen
SysAllocStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

DuplicateTokenEx
GetUserNameA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
SetTokenInformation
OpenProcessToken
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetFolderPathA

Exports

Exports

d3dMobilevga

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lsssje
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ced1baa8a145137a05a3b7f8036d81b

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 948B

lsssje Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 948B

lsssje
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 6KB