57dbee6e297d7d86fc95d01ef5cb5c0be8c5e905664dac27de5b5adf794f8329

Sharing

Copy URL Twitter E-mail

General

Target

57dbee6e297d7d86fc95d01ef5cb5c0be8c5e905664dac27de5b5adf794f8329
Size

148KB
MD5

59aec2edeab9f4d9ffe992de661117e0
SHA1

e59b2c73fe804d0ede5e37418fb56eda4afee914
SHA256

57dbee6e297d7d86fc95d01ef5cb5c0be8c5e905664dac27de5b5adf794f8329
SHA512

aca405981b26e84ebc4f0772067b3c6cc5ee20a77903efb3e38c571069dac0e86b4b53d16c639e7a1ebe1fc2dfa01102178cb82c80e4fcae9e1d42ce8f3d79e1
SSDEEP

3072:SOFsv7gB+FasF1SyacudS5Z7c9INTSnfMP4q/1QJU34LuWtengep7/qG2Tzea/3:avBVzac53Yhf44bUBge72Tzn

Score

N/A

Malware Config

Signatures

Files

57dbee6e297d7d86fc95d01ef5cb5c0be8c5e905664dac27de5b5adf794f8329
.dll windows x86

71b8669951d51798068829e80e0bd020

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
InterlockedIncrement
CreateEventA
GetCommandLineA
UnmapViewOfFile
GetModuleFileNameA
GetProcAddress
CloseHandle
GetTickCount
TerminateProcess
CopyFileA
ExitProcess
GetComputerNameA
LeaveCriticalSection
OpenFileMappingA
CreateDirectoryA
OpenEventA
InterlockedDecrement
CreateMutexW
EnterCriticalSection
LoadLibraryA
CreateFileA
GetCurrentProcess
SetLastError
GetModuleHandleA
GetProcessHeap
InterlockedCompareExchange
GlobalFree
HeapFree
GetLastError
LocalFree
ReadProcessMemory
CreateProcessA
WriteFile
HeapAlloc
MapViewOfFile
GlobalAlloc
WaitForSingleObject
GetVolumeInformationA
CreateFileMappingA
Sleep

ole32

CoSetProxyBlanket
OleSetContainedObject
CoInitialize
CoCreateGuid
CoTaskMemAlloc
OleCreate
CoUninitialize
CoCreateInstance

user32

GetCursorPos
GetParent
DestroyWindow
GetWindowLongA
GetMessageA
KillTimer
DefWindowProcA
RegisterWindowMessageA
GetClassNameA
GetSystemMetrics
TranslateMessage
SetWindowLongA
GetWindow
PeekMessageA
UnhookWindowsHookEx
SendMessageA
DispatchMessageA
FindWindowA
ScreenToClient
ClientToScreen
SetTimer
CreateWindowExA
PostQuitMessage
GetWindowThreadProcessId
SetWindowsHookExA

oleaut32

SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString

shlwapi

StrStrIW
UrlUnescapeW

advapi32

DuplicateTokenEx
RegDeleteValueA
RegSetValueExA
SetTokenInformation
OpenProcessToken
RegDeleteKeyA
RegOpenKeyExA
GetUserNameA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shell32

SHGetFolderPathA

Exports

Exports

WdMouseusb

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71b8669951d51798068829e80e0bd020

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 968B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 968B

.reloc
Size: 8KB - Virtual size: 6KB