7ab0524f0b5b393471b0f4202ca0f6a6b59a042d90d4572f878d27e5ed624e31

Sharing

Copy URL Twitter E-mail

General

Target

7ab0524f0b5b393471b0f4202ca0f6a6b59a042d90d4572f878d27e5ed624e31
Size

44KB
MD5

1005e7cb18fd70e208acd912dc129ca0
SHA1

cc8912bdec5339f0c8afebc090c6a5bbf5e80aaf
SHA256

7ab0524f0b5b393471b0f4202ca0f6a6b59a042d90d4572f878d27e5ed624e31
SHA512

280ffb1a642e64ee0ed4f445fa1665855bfa7e10c59ffbbd873dd5c2b963c2ef986c7458783a8f37544a510b32db054451fe1dac46969ed1da1f9a7c7e2e2ea1
SSDEEP

384:jdInmNzlX+67evehFn7ffbzrpj+IZruK1+NcCLvD0KvrAqGydZv50MO6MvnWbXsE:jdgcZXP7evYz0IA4WUqf9JkQs/H

Score

N/A

Malware Config

Signatures

Files

7ab0524f0b5b393471b0f4202ca0f6a6b59a042d90d4572f878d27e5ed624e31
.dll windows x86

9bf353f8e3e6f1c444c0c16ff42b202f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

wcschr
_itow
towupper
towlower
_strnicmp
toupper
tolower
strlen
memcpy
NtQueryInformationProcess
_snwprintf
wcscpy
wcslen
isalnum
_wtoi
wcscspn
_wcsnicmp
memset
_chkstk

kernel32

Process32NextW
LoadLibraryA
GetProcAddress
FreeLibrary
CreateEventW
CloseHandle
lstrcpynA
CreateFileW
GetFileSize
ReadFile
SetFilePointer
SetEndOfFile
WriteFile
GetTickCount
lstrlenA
lstrcpyA
lstrcmpiA
lstrcatW
lstrlenW
WideCharToMultiByte
lstrcatA
lstrcpyW
GetLastError
lstrcpynW
lstrcmpiW
ResetEvent
WaitForSingleObject
SetEvent
InterlockedDecrement
SetErrorMode
GetFileAttributesW
CreateProcessW
SuspendThread
TerminateThread
CreateThread
Sleep
GetModuleFileNameW
FreeLibraryAndExitThread
LoadLibraryW
OpenMutexW
CreateMutexW
GetCurrentProcess
GetModuleHandleA
VirtualAlloc
VirtualFree
DisableThreadLibraryCalls
ExitProcess
MultiByteToWideChar
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
GetVersionExW
CopyFileW
CreateWaitableTimerW
SetWaitableTimer
GetCurrentThread
GetFileTime
SetFileTime
lstrcmpW
MoveFileW
MoveFileExW
WaitForMultipleObjects
VirtualQuery
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetSystemInfo
FindFirstFileW
FindNextFileW
FindClose
GetSystemWindowsDirectoryW
GetVolumeInformationW
GetSystemTime

user32

SetWindowsHookExW
PostMessageW
CallNextHookEx
GetForegroundWindow
PeekMessageW
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjects
wsprintfW

advapi32

RegSetValueExW
RegEnumValueW
RegQueryInfoKeyW
RegFlushKey
RegCreateKeyExW
RegNotifyChangeKeyValue
RegOpenKeyExW
RegQueryValueExW
GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
OpenProcessToken
SetNamedSecurityInfoW
RegCloseKey

shell32

SHGetSpecialFolderPathW
ord680
SHGetFolderPathW

ole32

CoTaskMemFree
StringFromCLSID
CoCreateGuid

Exports

Exports

Startup
e
iep
l
r

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bf353f8e3e6f1c444c0c16ff42b202f

Headers

File Characteristics

Imports

ntdll

kernel32

user32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.data Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 28KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 1KB