b0e0751ee6a76a92f46b84108c0291a085cd3804c283fa54a213fe79b54838f9

Sharing

Copy URL

Twitter E-mail

General

Target

b0e0751ee6a76a92f46b84108c0291a085cd3804c283fa54a213fe79b54838f9
Size

152KB
MD5

bdce207f287637a9d8aa283e4d9fd401
SHA1

6ecc9f9d4e716f42dd678af9b09b472e71650762
SHA256

b0e0751ee6a76a92f46b84108c0291a085cd3804c283fa54a213fe79b54838f9
SHA512

a533c47bf4b96fe3b2f5d1ff0694ff84c2dc2970967af5416cddf64536aa5b629cb80278f7677e24ba9b0aadb7e36850eda876f4d37f4cb6ef814d090b8ff66a
SSDEEP

3072:eSPCNdvWjsJUIySlmE8v6etnCCqkl0F4AEg4AoO/E:9PgJUTSUltncMArh/E

Score

N/A

Malware Config

Signatures

Files

b0e0751ee6a76a92f46b84108c0291a085cd3804c283fa54a213fe79b54838f9
.dll windows x86

c544c14a4e30d83040edc95e7c831936

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetProcAddress
CopyFileA
WriteProcessMemory
SetLastError
CreateEventA
LocalFree
LeaveCriticalSection
MapViewOfFile
TerminateProcess
CreateProcessA
GetComputerNameA
EnterCriticalSection
HeapAlloc
GlobalFree
WaitForSingleObject
GetModuleHandleA
GetCurrentProcess
LoadLibraryA
GetTickCount
CreateDirectoryA
CreateFileA
UnmapViewOfFile
OpenFileMappingA
GlobalAlloc
CloseHandle
CreateMutexW
Sleep
OpenEventA
CreateFileMappingA
InterlockedCompareExchange
WriteFile
GetVolumeInformationA
ReadProcessMemory
InterlockedDecrement
InterlockedIncrement
GetProcessHeap
GetModuleFileNameA
ExitProcess
GetCommandLineA
HeapFree

ole32

CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoCreateGuid
CoSetProxyBlanket
CoInitialize
OleSetContainedObject
OleCreate

user32

GetParent
GetWindowThreadProcessId
RegisterWindowMessageA
UnhookWindowsHookEx
ClientToScreen
CreateWindowExA
TranslateMessage
GetMessageA
DestroyWindow
SetWindowsHookExA
FindWindowA
SetWindowLongA
PostQuitMessage
SendMessageA
GetCursorPos
ScreenToClient
GetSystemMetrics
DefWindowProcA
GetWindow
DispatchMessageA
PeekMessageA
GetWindowLongA
KillTimer
SetTimer
GetClassNameA

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
SysStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

GetUserNameA
OpenProcessToken
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
DuplicateTokenEx
SetTokenInformation
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

SHGetFolderPathA

Exports

Exports

SyncMousexx

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c544c14a4e30d83040edc95e7c831936

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 120KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 980B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 124KB - Virtual size: 120KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 980B

.reloc
Size: 8KB - Virtual size: 6KB