b642dbd7bf1a9fc72f4e04c7f352bc901de25fd088877ddc8f17598728ac88f9

Sharing

Copy URL Twitter E-mail

General

Target

b642dbd7bf1a9fc72f4e04c7f352bc901de25fd088877ddc8f17598728ac88f9
Size

103KB
MD5

7ce9a902ee43214c5beef2d6bb430040
SHA1

4f49e9c2def281501f4896f12d3434e58ceea96d
SHA256

b642dbd7bf1a9fc72f4e04c7f352bc901de25fd088877ddc8f17598728ac88f9
SHA512

c7c92b263556441ae740d283d468ff536bbebdf5fa83f1acd53f92ba7844375eb381ac5dc4edb0acee4d2431dd11ebf494b03c724b8d6c7afd7dc24f16fdcf50
SSDEEP

3072:Lhkan/WtjBeclkMb/bM4wefFZMKN0o9WE32ufx8:uan6TkKbM4jNPusZ2Gx

Score

N/A

Malware Config

Signatures

Files

b642dbd7bf1a9fc72f4e04c7f352bc901de25fd088877ddc8f17598728ac88f9
.dll windows x86

baef336e26d147e7fe769530b1f497d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetProcAddress
lstrlenA
GetCurrentThreadId
FormatMessageW
LocalAlloc
LocalFree
ExpandEnvironmentStringsW
lstrlenW
MultiByteToWideChar
GetLocalTime
WideCharToMultiByte
GetWindowsDirectoryA
SearchPathW
FindResourceExW
SetLastError
LoadLibraryExW
MapViewOfFile
CreateFileMappingW
CreateFileW
GetVersionExW
GetLocaleInfoW
UnmapViewOfFile
FormatMessageA
CloseHandle
InterlockedCompareExchange
FreeEnvironmentStringsW
TerminateProcess
WaitForSingleObject
InterlockedExchange
CreateThread
InterlockedIncrement
InterlockedDecrement
GetComputerNameA
WriteFile
ReadFile
DeviceIoControl
ExpandEnvironmentStringsA
CreateDirectoryA
LoadLibraryA
GetCurrentThread
GetTickCount
GetPrivateProfileIntA
CreateFileA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GlobalFree
GetModuleHandleA
DisableThreadLibraryCalls
GetProcessHeap
HeapAlloc
HeapFree
FreeEnvironmentStringsA
SetEnvironmentVariableW
DebugBreak
GetExitCodeThread
GetCurrentProcess
InitializeCriticalSection
FreeLibrary
LoadLibraryExA
Sleep
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetUserDefaultLangID
LoadLibraryW
DeleteCriticalSection
GetUserDefaultLCID
GetLocaleInfoA
GetVersionExA
GetCommandLineA
GetLastError
VirtualProtect

user32

IsWindowVisible
CharNextA
EnumThreadWindows
wsprintfA
wvsprintfA
PostMessageA
MessageBoxA
SetFocus
LoadStringW
SendMessageTimeoutW
LoadStringA
GetWindowThreadProcessId
SetForegroundWindow
AttachThreadInput
GetDesktopWindow
IsWindowEnabled
GetWindowTextA
GetWindowTextLengthA
GetWindowTextW
GetWindowTextLengthW
FindWindowA
FindWindowW
GetWindow
keybd_event
VkKeyScanA
SendMessageTimeoutA

advapi32

RegSetValueExA
RegQueryInfoKeyW
RegEnumValueW
RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumKeyExA
RegCreateKeyExA
RegCloseKey
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegDeleteKeyA
RegQueryValueExA
EqualSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
FreeSid
AllocateAndInitializeSid
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExA

ole32

CoTaskMemFree
StringFromCLSID

msvcrt

fopen
_ismbcdigit
_ismbcspace
fclose
wcsncmp
bsearch
_onexit
_lock
__dllonexit
_unlock
_adjust_fdiv
_amsg_exit
_initterm
_callnewh
_CxxThrowException
_wcsicmp
_ultoa
memset
fwrite
strncpy
__RTtypeid
wcscmp
_ultow
_wtoi
wcslen
fprintf
memcpy
_errno
_vsnwprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
time
_except_handler3
_XcptFilter
malloc
free
_snprintf
_itoa
_vsnprintf

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

baef336e26d147e7fe769530b1f497d8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 2KB - Virtual size: 35KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 2KB - Virtual size: 35KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB