967a619c74600492644b7d6af6ac3e774f5db7b1615fc81bb3c0108dd17baaab

Sharing

Copy URL Twitter E-mail

General

Target

967a619c74600492644b7d6af6ac3e774f5db7b1615fc81bb3c0108dd17baaab
Size

148KB
MD5

9bbd5e1ec31bc9ca290b8b08a3e1c928
SHA1

343faf5c53c391a53eddb0ae4b300a7d12341827
SHA256

967a619c74600492644b7d6af6ac3e774f5db7b1615fc81bb3c0108dd17baaab
SHA512

3eafd304ab6ecb18f1b78ea4c5d4ba8af5db6b95d9da13fb1608a58cce32806b31b7377ca38f4b2900ff1b1b079bce12e0aa7345aa43ece310a3da9ce1a727c4
SSDEEP

3072:IhhOB3x1oGMmiJt5LDuv6YbdLETDNd4oOTs7ToGuJlib:IPG3xvMmYt5yLbns7ToLGb

Score

N/A

Malware Config

Signatures

Files

967a619c74600492644b7d6af6ac3e774f5db7b1615fc81bb3c0108dd17baaab
.dll windows x86

9e4468b5494da31cb25435ed663cfbcc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
HeapAlloc
CreateFileA
GetTickCount
LeaveCriticalSection
InterlockedCompareExchange
CreateMutexW
LocalFree
TerminateProcess
ReadProcessMemory
CopyFileA
GetModuleHandleA
Sleep
UnmapViewOfFile
CreateFileMappingA
GetProcAddress
GetProcessHeap
WaitForSingleObject
EnterCriticalSection
HeapFree
InterlockedIncrement
OpenEventA
GetCommandLineA
WriteProcessMemory
CreateDirectoryA
GetModuleFileNameA
GlobalFree
GlobalAlloc
CreateProcessA
GetCurrentProcess
ExitProcess
OpenFileMappingA
SetLastError
MapViewOfFile
WriteFile
GetLastError
InterlockedDecrement
GetVolumeInformationA
CloseHandle
CreateEventA
LoadLibraryA

ole32

OleCreate
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoCreateGuid
CoCreateInstance
OleSetContainedObject
CoSetProxyBlanket

user32

ClientToScreen
GetWindowThreadProcessId
SetTimer
DispatchMessageA
GetClassNameA
GetCursorPos
GetWindowLongA
PeekMessageA
KillTimer
GetSystemMetrics
CreateWindowExA
TranslateMessage
GetParent
RegisterWindowMessageA
ScreenToClient
GetWindow
SetWindowsHookExA
DefWindowProcA
PostQuitMessage
FindWindowA
DestroyWindow
SetWindowLongA
SendMessageA
UnhookWindowsHookEx
GetMessageA

oleaut32

SysAllocString
SysStringLen
SysFreeString
SysAllocStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
OpenProcessToken
GetUserNameA
DuplicateTokenEx
RegSetValueExA
SetTokenInformation
RegCreateKeyExA

shell32

SHGetFolderPathA

Exports

Exports

mciUserMgmt

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e4468b5494da31cb25435ed663cfbcc

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 932B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 932B

.reloc
Size: 8KB - Virtual size: 6KB