d0729a38ce4dbfa44b5e42cfa6d1f7f3a29426956b03bcf627a0eef7103d4930

Sharing

Copy URL Twitter E-mail

General

Target

d0729a38ce4dbfa44b5e42cfa6d1f7f3a29426956b03bcf627a0eef7103d4930
Size

148KB
MD5

bcb6b923fe330db7557e8ddf0b25e031
SHA1

c7adbce2267ac891094af1e831e37fcba73f30f6
SHA256

d0729a38ce4dbfa44b5e42cfa6d1f7f3a29426956b03bcf627a0eef7103d4930
SHA512

db3104fa284dd00b4cca08bb660b7b87d084f669146362e98f4287414ab777077c1ea21167ef97e7e2ecea0d65e0a1fe9cba20e0d58a4f6cec6c546afcf0f5c0
SSDEEP

3072:24CUwGHiHdwEqt0fR/pyE1b8sq42uIVed/n8W63:2YHzafRH1b7F2FAd/n8W63

Score

N/A

Malware Config

Signatures

Files

d0729a38ce4dbfa44b5e42cfa6d1f7f3a29426956b03bcf627a0eef7103d4930
.dll windows x86

0c32a4405869c5b4717bd12215b72417

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
LeaveCriticalSection
InterlockedIncrement
CloseHandle
ExitProcess
WriteProcessMemory
GlobalFree
GetComputerNameA
CreateProcessA
WaitForSingleObject
EnterCriticalSection
GetVolumeInformationA
CreateMutexW
MapViewOfFile
InterlockedDecrement
GetModuleHandleA
GetModuleFileNameA
UnmapViewOfFile
GetTickCount
CreateDirectoryA
ReadProcessMemory
GetCommandLineA
TerminateProcess
LoadLibraryA
CreateFileA
CopyFileA
LocalFree
HeapAlloc
Sleep
HeapFree
WriteFile
CreateEventA
GetCurrentProcess
CreateFileMappingA
OpenFileMappingA
GetProcAddress
GetProcessHeap
InterlockedCompareExchange
GlobalAlloc
GetLastError
SetLastError

ole32

CoCreateGuid
OleSetContainedObject
CoUninitialize
OleCreate
CoSetProxyBlanket
CoTaskMemAlloc
CoInitialize
CoCreateInstance

user32

RegisterWindowMessageA
SetTimer
GetCursorPos
GetWindowThreadProcessId
DefWindowProcA
GetSystemMetrics
PeekMessageA
GetWindowLongA
KillTimer
SetWindowsHookExA
ClientToScreen
UnhookWindowsHookEx
DispatchMessageA
DestroyWindow
SendMessageA
SetWindowLongA
ScreenToClient
GetWindow
GetClassNameA
PostQuitMessage
CreateWindowExA
GetParent
FindWindowA
GetMessageA
TranslateMessage

oleaut32

SysFreeString
SysStringLen
SysAllocString
SysAllocStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

OpenProcessToken
SetTokenInformation
RegQueryValueExA
RegDeleteKeyA
DuplicateTokenEx
RegCloseKey
RegOpenKeyExA
GetUserNameA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA

shell32

SHGetFolderPathA

Exports

Exports

SmartcrtMusic

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c32a4405869c5b4717bd12215b72417

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 992B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 992B

.reloc
Size: 8KB - Virtual size: 6KB