901ec8c02e64ff9c0428c0aed7906c7f3110d1cd721e3932704755dfa1a5ef71

Sharing

Copy URL Twitter E-mail

General

Target

901ec8c02e64ff9c0428c0aed7906c7f3110d1cd721e3932704755dfa1a5ef71
Size

144KB
MD5

fe5d29682ea169ea23b61c7a862c2412
SHA1

476a80dfbaf9988eaf49988a711a6ae409220078
SHA256

901ec8c02e64ff9c0428c0aed7906c7f3110d1cd721e3932704755dfa1a5ef71
SHA512

61a3640cd76917b48d1ef16f155dad4f4a211ba80d37c876529bad3b10d4cc9d8a195dddcca505f4055ed578989ecd5b1dd645e5f30e1f9a16cc7237a49c502d
SSDEEP

3072:ixZgP04jRJB8Bxv92QHqniGL55O1v6zXb/e2b:ixZghzarGt5aYXbG+

Score

N/A

Malware Config

Signatures

Files

901ec8c02e64ff9c0428c0aed7906c7f3110d1cd721e3932704755dfa1a5ef71
.dll windows x86

7ed396d9a7eb3d65431530da304f1126

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadProcessMemory
GetProcAddress
OpenEventA
CreateFileA
ExitProcess
GetProcessHeap
InterlockedCompareExchange
WriteProcessMemory
WaitForSingleObject
OpenFileMappingA
GetCurrentProcess
LeaveCriticalSection
GetLastError
EnterCriticalSection
UnmapViewOfFile
CopyFileA
GlobalAlloc
CreateDirectoryA
MapViewOfFile
CreateFileMappingA
LocalFree
GetCommandLineA
CreateProcessA
GetModuleHandleA
GetComputerNameA
GetVolumeInformationA
CreateEventA
SetLastError
TerminateProcess
InterlockedIncrement
GetModuleFileNameA
HeapFree
WriteFile
LoadLibraryA
HeapAlloc
InterlockedDecrement
CreateMutexW
GetTickCount
GlobalFree
CloseHandle
Sleep

ole32

CoSetProxyBlanket
OleCreate
CoTaskMemAlloc
CoCreateGuid
OleSetContainedObject
CoInitialize
CoUninitialize
CoCreateInstance

user32

PostQuitMessage
GetSystemMetrics
ScreenToClient
ClientToScreen
RegisterWindowMessageA
PeekMessageA
KillTimer
UnhookWindowsHookEx
GetParent
GetWindowThreadProcessId
SetTimer
CreateWindowExA
GetClassNameA
SetWindowsHookExA
DefWindowProcA
GetMessageA
FindWindowA
SetWindowLongA
TranslateMessage
SendMessageA
GetWindowLongA
DispatchMessageA
GetCursorPos
GetWindow
DestroyWindow

oleaut32

SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegDeleteKeyA
DuplicateTokenEx
RegSetValueExA
OpenProcessToken
RegOpenKeyExA
GetUserNameA
RegQueryValueExA
SetTokenInformation
RegCreateKeyExA
RegDeleteValueA
RegCloseKey

shell32

SHGetFolderPathA

Exports

Exports

SysGLOffice

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 937B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ed396d9a7eb3d65431530da304f1126

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 937B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 937B

.reloc
Size: 8KB - Virtual size: 6KB