d5922b8836aaaef2dbd8f27cf0c334f33a5f8df5fca2f8350198b0823caa8bc1

Sharing

Copy URL Twitter E-mail

General

Target

d5922b8836aaaef2dbd8f27cf0c334f33a5f8df5fca2f8350198b0823caa8bc1
Size

152KB
MD5

0b04a431055cd5e3c899abeea133f542
SHA1

739579d1a97cde621fe5efd1eda384f078fd2f49
SHA256

d5922b8836aaaef2dbd8f27cf0c334f33a5f8df5fca2f8350198b0823caa8bc1
SHA512

36e7e5957e33b6b311c700d67f539ccc9a09ef21832d8e803b3c61d4f1eb244f15add0db16c36f992e30eea1c4ec64658d9f9383dfa27fb68bfb46ed3ed2aeb4
SSDEEP

3072:dUKZ+7jwEFnjA99l50dNJRUJGClPtKr7u1GF7fXUpX4mFXhnWRuL8Z:2S+fwwn6j50HJRUJGC1tKvu1Q4XD

Score

N/A

Malware Config

Signatures

Files

d5922b8836aaaef2dbd8f27cf0c334f33a5f8df5fca2f8350198b0823caa8bc1
.dll windows x86

eb06ab1a8715e97c73494248bb96f975

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetModuleHandleA
GlobalFree
EnterCriticalSection
CreateMutexW
GetProcessHeap
ExitProcess
CreateFileA
TerminateProcess
MapViewOfFile
GetComputerNameA
CreateProcessA
CreateDirectoryA
CloseHandle
WriteProcessMemory
CopyFileA
CreateFileMappingA
GetCurrentProcess
InterlockedDecrement
GetLastError
HeapFree
CreateEventA
GetVolumeInformationA
InterlockedIncrement
ReadProcessMemory
GetTickCount
SetLastError
UnmapViewOfFile
LoadLibraryA
OpenEventA
WaitForSingleObject
GetModuleFileNameA
GlobalAlloc
Sleep
LocalFree
HeapAlloc
OpenFileMappingA
WriteFile
GetProcAddress
GetCommandLineA
InterlockedCompareExchange

ole32

CoCreateInstance
CoCreateGuid
OleCreate
CoTaskMemAlloc
OleSetContainedObject
CoSetProxyBlanket
CoInitialize
CoUninitialize

user32

GetWindow
ScreenToClient
PeekMessageA
GetClassNameA
TranslateMessage
FindWindowA
RegisterWindowMessageA
DefWindowProcA
SendMessageA
DispatchMessageA
SetTimer
PostQuitMessage
GetWindowThreadProcessId
GetMessageA
GetWindowLongA
GetSystemMetrics
SetWindowsHookExA
UnhookWindowsHookEx
ClientToScreen
DestroyWindow
GetCursorPos
CreateWindowExA
SetWindowLongA
GetParent
KillTimer

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen
SysStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegSetValueExA
RegDeleteValueA
OpenProcessToken
DuplicateTokenEx
RegDeleteKeyA
SetTokenInformation
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
GetUserNameA

shell32

SHGetFolderPathA

Exports

Exports

DevPathdrm

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb06ab1a8715e97c73494248bb96f975

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 952B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 952B

.reloc
Size: 8KB - Virtual size: 6KB