64b59d7c04129b8b5d8fd339a5bf438b

Sharing

Copy URL Twitter E-mail

General

Target

64b59d7c04129b8b5d8fd339a5bf438b
Size

2.0MB
MD5

64b59d7c04129b8b5d8fd339a5bf438b
SHA1

86ccfe8707a3c9776e37d0bcaf3b2c977ee81825
SHA256

f08cd73181ee7d2bf6e317332f054f14576b2e74409d65d219a2df9b8f25ffef
SHA512

2f23cd243049f9f62e698fac6a26b09d62ef67e4d44b36cf1befee44c300ca38a841abb5c69cf790126c6b49da906f2deb27c7634de1ec87b70373ab0679fe30
SSDEEP

49152:uUS5E3fB7e1AxDl+WCedfUjK2kjJjrJGZpvhHeS6zCums2Ef:u47xxDl+Ud+FkVjroZpvZeS6bmdEf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MicroKeylogger.exe

Files

64b59d7c04129b8b5d8fd339a5bf438b
.zip
MicroKeylogger.exe
.exe windows:5 windows x86 arch:x86

c383bd6928cb8d0d836eea67fd64c59a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetStartupInfoW
HeapAlloc
RtlUnwind
ExitProcess
RaiseException
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetErrorMode
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetModuleHandleA
FormatMessageW
MulDiv
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
GlobalAddAtomW
GetLastError
SetLastError
GlobalUnlock
GlobalFree
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
CompareStringA
InterlockedExchange
GlobalLock
GlobalAlloc
FreeLibrary
GetProcAddress
WideCharToMultiByte
GetVolumeInformationA
lstrcpyA
lstrlenA
CreateFileA
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameA
MultiByteToWideChar
FindClose
FindNextFileW
FindFirstFileW
SetFilePointer
ReadFile
GetFileSize
FreeResource
WriteFile
GetModuleHandleW
GetFileAttributesW
HeapFree
GetProcessHeap
InterlockedDecrement
WritePrivateProfileStringW
RemoveDirectoryW
CreateDirectoryW
MoveFileExW
lstrcatW
LocalFree
SetFileAttributesW
GetSystemDirectoryW
lstrcmpW
GetEnvironmentVariableW
CreateProcessW
CopyFileW
DeleteFileW
GetTempPathW
CreateFileW
GetLocalTime
CloseHandle
ResetEvent
Sleep
SetEvent
CreateEventW
lstrcpyW
GetComputerNameW
LockResource
SizeofResource
LoadResource
FindResourceW
lstrlenW
TerminateProcess
GetCommandLineW

user32

UnregisterClassW
CharUpperW
GetSysColorBrush
DestroyMenu
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
ReleaseCapture
LoadCursorW
SetCapture
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
RegisterWindowMessageW
SendDlgItemMessageA
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
PtInRect
DefWindowProcW
CallWindowProcW
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
MessageBoxW
LoadIconW
SendMessageW
EnableWindow
LoadStringW
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SendDlgItemMessageW
CheckRadioButton
UnhookWindowsHookEx
GetWindowThreadProcessId
GetLastActivePopup
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PostThreadMessageW
RegisterClipboardFormatW
GetClientRect
IsIconic
GetSystemMetrics
DrawIcon
GetWindowRect
wsprintfW
wsprintfA
PostMessageW
PostQuitMessage
SetWindowPos
MapDialogRect
GetParent
SetWindowContextHelpId
GetWindow
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
CopyRect
GetDC
ReleaseDC
GetSubMenu
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
WinHelpW

gdi32

GetRgnBox
GetMapMode
GetTextColor
GetBkColor
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
CreateRectRgnIndirect
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
OffsetViewportOrgEx

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueExA
SetSecurityInfo
GetSecurityDescriptorSacl
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegDeleteKeyW
RegEnumKeyW
RegEnumValueW
RegSetKeySecurity
RegFlushKey
RegSetValueExW
RegQueryValueExW
GetUserNameW
RegCreateKeyExW
RegCloseKey

shell32

SHGetSpecialFolderPathW

comctl32

InitCommonControlsEx

shlwapi

StrStrIA
PathAddBackslashW
StrStrIW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
StrToIntExW

oledlg

OleUIBusyW

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
StgCreateDocfile
OleRun
CoCreateInstance
CoInitializeEx
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysStringLen
SysFreeString
VariantClear
SysAllocStringLen
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
GetErrorInfo
SysAllocString

netapi32

NetUserEnum
NetApiBufferFree

wininet

InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetOpenW

Sections

.text
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Readme.html
.html

Sharing

General

Malware Config

Signatures

Files

c383bd6928cb8d0d836eea67fd64c59a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

netapi32

wininet

Sections

.text Size: 256KB - Virtual size: 256KB

.rdata Size: 69KB - Virtual size: 69KB

.data Size: 11KB - Virtual size: 32KB

.rsrc Size: 6.7MB - Virtual size: 6.7MB

.text
Size: 256KB - Virtual size: 256KB

.rdata
Size: 69KB - Virtual size: 69KB

.data
Size: 11KB - Virtual size: 32KB

.rsrc
Size: 6.7MB - Virtual size: 6.7MB