91cb7aec3cd71eab5303aca66962f8d9c59ca4a7905fb75e307e16de10281576

Sharing

Copy URL Twitter E-mail

General

Target

91cb7aec3cd71eab5303aca66962f8d9c59ca4a7905fb75e307e16de10281576
Size

152KB
MD5

dc6e04035c7132e6d4ecbbd18d0713e3
SHA1

63d0f517799ae7da3f3ffab5f48eed877ddc288b
SHA256

91cb7aec3cd71eab5303aca66962f8d9c59ca4a7905fb75e307e16de10281576
SHA512

e454b9a22ac0cec640d6a90f4a812a2a2b5df3bfa1a3a03ea63d502589a36646585e5256404bfe7ea0172d3ecc7a0b4d32c7b9e4b76407fbe72316f72080ae5f
SSDEEP

3072:MAHKMKhdbj313Aj+VpeA+6QueHPltkIGcB1XGxmX6QVOlE26Wn/O9CKcxeA6cFUx:MsiklumLmJeAlu

Score

N/A

Malware Config

Signatures

Files

91cb7aec3cd71eab5303aca66962f8d9c59ca4a7905fb75e307e16de10281576
.dll windows x86

eefa5398244dc82e043b265e1a1e6eab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
ExitProcess
CreateEventA
GetProcAddress
GlobalAlloc
HeapAlloc
GlobalFree
MapViewOfFile
CreateProcessA
Sleep
CreateFileA
ReadProcessMemory
WriteFile
InterlockedIncrement
CloseHandle
GetCurrentProcess
EnterCriticalSection
GetLastError
InterlockedDecrement
GetModuleFileNameA
HeapFree
GetVolumeInformationA
InterlockedCompareExchange
CopyFileA
CreateDirectoryA
LoadLibraryA
GetModuleHandleA
GetCommandLineA
GetProcessHeap
LocalFree
OpenEventA
CreateFileMappingA
WriteProcessMemory
LeaveCriticalSection
GetTickCount
UnmapViewOfFile
TerminateProcess
CreateMutexW
GetComputerNameA
OpenFileMappingA
SetLastError

ole32

CoCreateInstance
CoTaskMemAlloc
CoSetProxyBlanket
OleSetContainedObject
CoInitialize
CoUninitialize
CoCreateGuid
OleCreate

user32

ScreenToClient
TranslateMessage
DefWindowProcA
RegisterWindowMessageA
GetMessageA
GetWindow
GetSystemMetrics
SetWindowsHookExA
GetClassNameA
DispatchMessageA
SetTimer
CreateWindowExA
SendMessageA
PeekMessageA
SetWindowLongA
GetWindowThreadProcessId
GetParent
PostQuitMessage
GetCursorPos
FindWindowA
GetWindowLongA
UnhookWindowsHookEx
DestroyWindow
KillTimer
ClientToScreen

oleaut32

SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegSetValueExA
GetUserNameA
OpenProcessToken
RegDeleteValueA
RegCreateKeyExA
DuplicateTokenEx
RegCloseKey
RegOpenKeyExA
SetTokenInformation
RegDeleteKeyA
RegQueryValueExA

shell32

SHGetFolderPathA

Exports

Exports

AppleEvent80

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zwjfaj
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eefa5398244dc82e043b265e1a1e6eab

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 944B

zwjfaj Size: 4KB - Virtual size: 4B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 944B

zwjfaj
Size: 4KB - Virtual size: 4B

.reloc
Size: 8KB - Virtual size: 6KB