a78e7d02f9c6158e7343df213083fc21ce7906de713b52843819a3a1d97b0d65

Sharing

Copy URL Twitter E-mail

General

Target

a78e7d02f9c6158e7343df213083fc21ce7906de713b52843819a3a1d97b0d65
Size

152KB
MD5

20b244cb5768bb3e03465fe9cc0af8a0
SHA1

f6458a34f1fa05dedc8a39a7cd19ffbd0fdced8e
SHA256

a78e7d02f9c6158e7343df213083fc21ce7906de713b52843819a3a1d97b0d65
SHA512

35c0df8a1af603306511a68a7f4bc4996d3adddf69b72829da0b0c4a77eeeadf726ee7526d34253948ed68b38c7e54f5ef45df4e94955d11769e31e98c54aba9
SSDEEP

3072:nloFaZKA78AmeMr+zFJu5xGeGGtiNDit5r+1dyPAO:nlUa1meMr+vmGi++t5r+iP

Score

N/A

Malware Config

Signatures

Files

a78e7d02f9c6158e7343df213083fc21ce7906de713b52843819a3a1d97b0d65
.dll windows x86

8a51acad0cb678023f93fac7c45b69e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFileMappingA
CreateMutexW
GetVolumeInformationA
WaitForSingleObject
CreateEventA
CreateFileMappingA
HeapFree
SetLastError
CreateDirectoryA
UnmapViewOfFile
OpenEventA
InterlockedDecrement
HeapAlloc
GetLastError
GetCurrentProcess
GetProcAddress
GetProcessHeap
WriteProcessMemory
LoadLibraryA
GlobalAlloc
GlobalFree
Sleep
CreateFileA
ExitProcess
MapViewOfFile
CopyFileA
TerminateProcess
GetTickCount
WriteFile
LocalFree
GetCommandLineA
LeaveCriticalSection
CreateProcessA
InterlockedCompareExchange
GetComputerNameA
ReadProcessMemory
GetModuleHandleA
CloseHandle
GetModuleFileNameA
InterlockedIncrement
EnterCriticalSection

ole32

CoInitialize
CoCreateInstance
OleCreate
CoUninitialize
CoCreateGuid
CoSetProxyBlanket
OleSetContainedObject
CoTaskMemAlloc

user32

GetClassNameA
RegisterWindowMessageA
KillTimer
PeekMessageA
GetParent
SendMessageA
GetWindowLongA
GetMessageA
FindWindowA
DefWindowProcA
SetTimer
DispatchMessageA
GetWindow
GetWindowThreadProcessId
ClientToScreen
UnhookWindowsHookEx
GetCursorPos
SetWindowsHookExA
TranslateMessage
SetWindowLongA
CreateWindowExA
PostQuitMessage
GetSystemMetrics
DestroyWindow
ScreenToClient

oleaut32

SysAllocString
SysStringLen
SysFreeString
SysAllocStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegDeleteValueA
SetTokenInformation
RegOpenKeyExA
DuplicateTokenEx
RegDeleteKeyA
RegCreateKeyExA
GetUserNameA
RegQueryValueExA
OpenProcessToken
RegCloseKey
RegSetValueExA

shell32

SHGetFolderPathA

Exports

Exports

nsEventServices

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

scg
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a51acad0cb678023f93fac7c45b69e8

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 960B

scg Size: 4KB - Virtual size: 8B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 960B

scg
Size: 4KB - Virtual size: 8B

.reloc
Size: 8KB - Virtual size: 6KB