b9f1f46b773f916520779a42b6fbc002b89b29d8a91c8f31efc1309e264ae71b

General

Target

b9f1f46b773f916520779a42b6fbc002b89b29d8a91c8f31efc1309e264ae71b
Size

140KB
MD5

ac4c109f532c547f848cd516cb267c30
SHA1

3416129c7218b7822e5626b334764c22f9caa84f
SHA256

b9f1f46b773f916520779a42b6fbc002b89b29d8a91c8f31efc1309e264ae71b
SHA512

3545fd1902f69145ee66963a65deab69427452c0af775bb6f53b7319b383b2308052a764e0919494c976df9fb914395b236a684d0aa1f7cadb76319eca4a71d6
SSDEEP

3072:5bYNWbx4XwyUKgfILWZLxKMs/F+p4AQggGESwcI+QA/Y1xMcaFHM/:5bqW14XwyU0Os/UiAQghESBI7A/2Ou/

Score

N/A

Malware Config

Signatures

Files

b9f1f46b773f916520779a42b6fbc002b89b29d8a91c8f31efc1309e264ae71b
.dll windows x86

f65c561d48fcfe32eb518d9b2b41a6c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
GetProcAddress
GetTickCount
InterlockedIncrement
CreateDirectoryA
GetCommandLineA
Sleep
CopyFileA
LoadLibraryA
GetLastError
CreateProcessA
ReleaseMutex
LocalFree
InterlockedCompareExchange
WaitForSingleObject
CloseHandle
SetLastError
LeaveCriticalSection
OpenEventA
UnmapViewOfFile
MapViewOfFile
ExitProcess
EnterCriticalSection
InterlockedDecrement
CreateEventA
GetModuleHandleA
GetModuleFileNameA
lstrlenA

ole32

CoUninitialize
OleSetContainedObject
CreateBindCtx
CoCreateGuid
OleCreate
CoInitialize

user32

PostQuitMessage
FindWindowA
RegisterWindowMessageA
PostMessageA
GetMessageA
KillTimer
GetWindowLongA
SetTimer
CreateWindowExA
GetSystemMetrics
GetClassNameA
GetParent
SetWindowLongA
DestroyWindow
SendMessageA
DispatchMessageA
TranslateMessage
DefWindowProcA

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

CatDBEventdsc

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f65c561d48fcfe32eb518d9b2b41a6c2

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB