Static task: static1
Behavioral task: behavioral1
Sample: 0f2404288ec2d5a8fd318b6169644b686d6a61e23f9952884b255e6d0845c064.dll
Resource: win7-20220311-en
General
Target: 0f2404288ec2d5a8fd318b6169644b686d6a61e23f9952884b255e6d0845c064
Size: 538KB
MD5: d76d0aae2bc54602ebfce443aa4f06a3
SHA1: 425b105cbe970b3d38212ebf06b233f61de7fdb9
SHA256: 0f2404288ec2d5a8fd318b6169644b686d6a61e23f9952884b255e6d0845c064
SHA512: 262637fab6707b1d5d20aef6b51e172eb9b80a04ee5617a7aa556dd744f3f373b05af9b0d5729f9ed8e13eb019986cf75178741a70027c23bd62ced7a83fd4ef
Malware Config
Signatures
Files
0f2404288ec2d5a8fd318b6169644b686d6a61e23f9952884b255e6d0845c064.dll  windows x86  fc9d5d89d5b33d534065506e5a89ca19
Code Sign
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
GetLastError
GetModuleHandleW
ExitProcess
LocalFree
LocalAlloc
lstrcmpiW
FreeLibrary
GetCommandLineW
GetStartupInfoW
CreateJobObjectW
lstrcatW
lstrcpyW
WaitForSingleObjectEx
GetPrivateProfileIntW
lstrlenW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateThread
GetSystemDirectoryW
CreateProcessW
AssignProcessToJobObject
ResumeThread
TerminateProcess
TerminateThread
GetQueuedCompletionStatus
CreateIoCompletionPort
SetInformationJobObject
CloseHandle
LoadLibraryW
lstrcpynW
ConnectNamedPipe
EnumResourceTypesA
EnumResourceNamesW
SetDefaultCommConfigA
MoveFileExA
GlobalGetAtomNameA
lstrcpyA
GetConsoleAliasesA
LocalCompact
GetVersion
FlushConsoleInputBuffer
ReadConsoleOutputA
EnumTimeFormatsW
VirtualAlloc
GetSystemInfo
IsBadCodePtr
FlushFileBuffers
OpenEventW
GlobalFindAtomW
EndUpdateResourceA
GetConsoleTitleA
DisableThreadLibraryCalls
lstrcat
CreateProcessA
Process32FirstW
SetupComm
ReadConsoleOutputW
SetVolumeMountPointW
GetConsoleAliasesW
SetThreadIdealProcessor
InterlockedExchangeAdd
SetTimerQueueTimer
HeapCreate
GetTempFileNameA
TlsSetValue
TlsGetValue
lstrcmpA
WriteProcessMemory
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualProtectEx
VirtualProtect
VirtualFree
UnmapViewOfFile
SystemTimeToFileTime
SuspendThread
Sleep
SizeofResource
SetVolumeLabelW
SetThreadPriority
SetThreadContext
SetThreadAffinityMask
SetPriorityClass
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResetEvent
ReleaseSemaphore
ReleaseMutex
ReadProcessMemory
ReadFile
QueryPerformanceFrequency
PulseEvent
OutputDebugStringW
OpenProcess
OpenMutexW
OpenFileMappingA
OpenFileMappingW
OpenEventA
MultiByteToWideChar
MulDiv
MoveFileW
MapViewOfFile
LockResource
LocalFileTimeToFileTime
LoadResource
LoadLibraryExA
LoadLibraryExW
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetVolumeInformationA
GetVolumeInformationW
GetVersionExA
GetVersionExW
GetUserDefaultLCID
GetTimeZoneInformation
GetThreadPriority
GetThreadLocale
GetThreadContext
GetTempPathW
GetTempFileNameW
GetSystemTime
GetSystemDirectoryA
GetProcessVersion
GetProcessAffinityMask
GetPriorityClass
GetModuleHandleA
GetModuleFileNameA
GetModuleFileNameW
GetLogicalDrives
GetLocaleInfoW
GetLocalTime
GetFileSize
GetFileInformationByHandle
GetFileAttributesA
GetFileAttributesW
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentStringsW
GetDriveTypeW
GetDiskFreeSpaceW
GetCurrentThread
GetComputerNameW
GetCommandLineA
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FormatMessageA
FormatMessageW
FlushViewOfFile
FindResourceA
FindResourceW
FindNextFileW
FindFirstFileA
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
EnterCriticalSection
DuplicateHandle
DosDateTimeToFileTime
DisconnectNamedPipe
DeleteFileW
DeleteCriticalSection
CreateSemaphoreW
CreateNamedPipeW
CreateMutexA
CreateMutexW
CreateFileMappingA
CreateFileMappingW
CreateFileA
CreateFileW
CreateEventA
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareFileTime
CancelIo
GetComputerNameA
user32
LoadCursorA
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
LoadCursorW
SetCursor
DispatchMessageW
LoadBitmapW
GetSysColor
GetDlgItem
GetSystemMetrics
EndDialog
DialogBoxParamW
GetShellWindow
SetWindowPos
DrawTextW
GetParent
LoadStringW
GetWindowTextW
MessageBoxW
ExitWindowsEx
PostMessageW
MessageBeep
SendMessageW
GetWindowRect
GetDC
ReleaseDC
BeginPaint
EnumWindowStationsW
GetMonitorInfoW
ChangeDisplaySettingsA
DlgDirListComboBoxW
GetGuiResources
IsWindowUnicode
GetCursorInfo
OpenDesktopW
TileWindows
SwitchDesktop
CreateWindowExW
WaitForInputIdle
UpdateWindow
SystemParametersInfoW
AnimateWindow
ShowWindow
ShowOwnedPopups
SetWindowRgn
SetWindowTextA
SetWindowTextW
SetWindowPlacement
SetWindowLongW
SetTimer
SetRect
SetPropA
SetParent
SetForegroundWindow
SetFocus
SetCursorPos
SetClassLongW
SendNotifyMessageW
SendMessageTimeoutA
SendMessageTimeoutW
SendMessageCallbackA
SendMessageA
RemovePropA
RegisterWindowMessageW
RegisterClassW
PostThreadMessageA
PostThreadMessageW
PostQuitMessage
PostMessageA
OffsetRect
LoadImageW
LoadIconW
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
InvalidateRect
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowPlacement
GetWindowLongW
GetUserObjectInformationW
GetTopWindow
GetThreadDesktop
GetSystemMenu
GetPropA
GetWindow
GetMessageW
GetMenu
GetIconInfo
GetForegroundWindow
GetClientRect
GetClassNameA
GetClassLongW
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowExA
FindWindowExW
FindWindowW
EnumWindows
EnumThreadWindows
EnableWindow
EnableMenuItem
DrawMenuBar
DrawFrameControl
DrawFocusRect
DestroyWindow
DestroyIcon
DefWindowProcW
CreateIconFromResource
ChildWindowFromPointEx
CharUpperW
CharNextExA
CharLowerW
BringWindowToTop
AttachThreadInput
AdjustWindowRectEx
gdi32
RealizePalette
GetEnhMetaFileBits
GetEnhMetaFileW
CreatePatternBrush
CreateSolidBrush
GetEnhMetaFileA
CreateFontIndirectW
GetTextExtentPointW
SetBkColor
ExtTextOutW
CreateCompatibleDC
GetObjectW
BitBlt
DeleteObject
SelectObject
CreateMetaFileA
GetCharWidthFloatA
SetBitmapDimensionEx
EngFreeModule
GetEnhMetaFileDescriptionA
CreateScalableFontResourceW
GdiConvertBrush
SetTextCharacterExtra
CheckColorsInGamut
EnumFontFamiliesA
CreatePolygonRgn
STROBJ_dwGetCodePage
GetDIBits
CreatePolyPolygonRgn
GetCharacterPlacementW
GetDCPenColor
CreateEnhMetaFileW
GetTextExtentPointI
GetBitmapBits
SelectClipRgn
GetCharABCWidthsI
SetMapMode
GdiInitSpool
GetRasterizerCaps
EngMultiByteToUnicodeN
EngQueryLocalTime
EngReleaseSemaphore
SetDeviceGammaRamp
FONTOBJ_cGetGlyphs
GetStockObject
EngTransparentBlt
GdiGetDC
STROBJ_bEnum
DeleteEnhMetaFile
EngDeletePalette
GdiReleaseLocalDC
GetBkColor
EngAcquireSemaphore
GetCurrentObject
GetStretchBltMode
SetTextColor
SetArcDirection
GdiValidateHandle
TranslateCharsetInfo
StretchDIBits
StretchBlt
SetStretchBltMode
SetBkMode
GetTextExtentPoint32W
GetPaletteEntries
GetNearestPaletteIndex
GetDeviceCaps
DeleteDC
CreateRoundRectRgn
CreateRectRgn
CreatePalette
CreateDIBitmap
CreateDIBSection
CreateCompatibleBitmap
CreateBitmap
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegQueryValueExA
RegOpenKeyA
RegOpenKeyW
RegDeleteKeyW
RegCloseKey
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
SetSecurityDescriptorDacl
ReportEventW
RegisterEventSourceW
RegUnLoadKeyW
RegOpenKeyExA
RegLoadKeyW
OpenProcessToken
LookupPrivilegeValueA
LookupAccountSidA
LookupAccountSidW
InitializeSecurityDescriptor
GetUserNameA
GetUserNameW
GetTokenInformation
GetLengthSid
AdjustTokenPrivileges
GetKernelObjectSecurity
CryptSetProvParam
CryptGetProvParam
CryptDestroyHash
CryptSignHashA
CryptSetHashParam
CryptCreateHash
CryptImportKey
CryptExportKey
CryptReleaseContext
CryptDestroyKey
CryptGetUserKey
CryptAcquireContextA
CryptDecrypt
InitiateSystemShutdownExW
AbortSystemShutdownW
shell32
ShellExecuteExW
SHAppBarMessage
SHFileOperationA
SHGetMalloc
SHGetFileInfoA
SHFileOperationW
ShellExecuteW
Shell_NotifyIconW
DragQueryFileW
DragFinish
SHGetFolderPathA
SHGetFolderPathW
ord155
SHGetSpecialFolderLocation
SHGetFolderLocation
SHGetPathFromIDListA
SHGetPathFromIDListW
SHBrowseForFolderW
ole32
CreateStreamOnHGlobal
OleUninitialize
CoTaskMemFree
CoCreateGuid
CoCreateInstance
CoUninitialize
CoInitialize
GetHGlobalFromStream
shlwapi
PathGetArgsW
PathUnquoteSpacesW
PathAppendW
comctl32
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
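Reading an import table this wide by eye is slow, so the usual first triage step is to cluster the names into capabilities and to pull out anything imported by ordinal (shell32 `ord155` above). The Python below is an added example, not part of the report or of the sample: the capability rules and their thresholds are this example's own heuristics, and the input is a constructed subset of the names listed above, grouped by DLL.

```python
import re

# Capability rules: (label, API names, minimum number that must be present).
# Thresholds are this example's own heuristic choices, not a published standard.
RULES = [
    ("dynamic API resolution", {"LoadLibraryA", "LoadLibraryW", "GetProcAddress"}, 2),
    ("process injection / hollowing primitives",
     {"CreateProcessW", "WriteProcessMemory", "SetThreadContext", "ResumeThread",
      "VirtualProtectEx", "SuspendThread"}, 4),
    ("token privilege adjustment",
     {"OpenProcessToken", "LookupPrivilegeValueA", "AdjustTokenPrivileges"}, 3),
    ("forced shutdown or reboot", {"InitiateSystemShutdownExW", "ExitWindowsEx"}, 1),
    ("desktop switching", {"OpenDesktopW", "SwitchDesktop"}, 2),
    ("keyboard / foreground window monitoring",
     {"GetAsyncKeyState", "GetForegroundWindow", "AttachThreadInput"}, 2),
    ("CryptoAPI key handling",
     {"CryptAcquireContextA", "CryptImportKey", "CryptDecrypt", "CryptSignHashA"}, 2),
    ("registry hive manipulation",
     {"RegLoadKeyW", "RegUnLoadKeyW", "RegDeleteKeyW", "RegDeleteValueW"}, 2),
    ("child process control via job objects",
     {"CreateJobObjectW", "AssignProcessToJobObject", "SetInformationJobObject"}, 2),
    ("named pipe server", {"CreateNamedPipeW", "ConnectNamedPipe"}, 2),
]

# Constructed input: a subset of the import names in the report above, grouped by DLL.
SAMPLE_IMPORTS = {
    "kernel32": ["LoadLibraryA", "GetProcAddress", "CreateProcessW", "WriteProcessMemory",
                 "ReadProcessMemory", "SetThreadContext", "GetThreadContext", "ResumeThread",
                 "SuspendThread", "VirtualProtectEx", "OpenProcess", "CreateJobObjectW",
                 "AssignProcessToJobObject", "SetInformationJobObject", "CreateNamedPipeW",
                 "ConnectNamedPipe"],
    "user32": ["GetAsyncKeyState", "GetForegroundWindow", "AttachThreadInput", "ExitWindowsEx",
               "OpenDesktopW", "SwitchDesktop"],
    "advapi32": ["OpenProcessToken", "LookupPrivilegeValueA", "AdjustTokenPrivileges",
                 "InitiateSystemShutdownExW", "CryptAcquireContextA", "CryptImportKey",
                 "CryptDecrypt", "RegLoadKeyW", "RegUnLoadKeyW", "RegDeleteKeyW"],
    "shell32": ["ShellExecuteW", "ShellExecuteExW", "ord155"],
}


def match_capabilities(imports):
    """Return [(label, sorted hit list)] for every rule whose threshold is met."""
    present = {name for names in imports.values() for name in names}
    matches = []
    for label, apis, min_hits in RULES:
        hits = sorted(apis & present)
        if len(hits) >= min_hits:
            matches.append((label, hits))
    return matches


def ordinal_imports(imports):
    """Imports listed only by ordinal ('ordN'); resolve these against the DLL's export table."""
    found = []
    for dll, names in imports.items():
        for name in names:
            m = re.fullmatch(r"ord(\d+)", name)
            if m:
                found.append((dll, int(m.group(1))))
    return found


if __name__ == "__main__":
    for label, hits in match_capabilities(SAMPLE_IMPORTS):
        print(f"{label}: {', '.join(hits)}")
    for dll, ordinal in ordinal_imports(SAMPLE_IMPORTS):
        print(f"ordinal-only import: {dll}!#{ordinal}")
```

Two caveats when reading the output against this sample. An import table says which APIs are linked, not which are called; a table this broad, with hundreds of user32, gdi32 and comctl32 UI entries beside the injection primitives, is consistent with a statically linked framework or padded imports, so the behavioral task should confirm any capability before it goes into a report. Also, VirtualAllocEx is absent from the list above (only VirtualAlloc, VirtualProtectEx and VirtualQueryEx appear), so the classic allocate-write-execute injection chain is not fully represented; the rule therefore scores primitives rather than asserting a technique.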
Sections
.text Size: 110KB - Virtual size: 110KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 225B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata2 Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 259KB - Virtual size: 258KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text2 Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 160KB - Virtual size: 159KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
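Two header details above deserve a closer look than the flag lists give them. The File Characteristics list carries IMAGE_FILE_EXECUTABLE_IMAGE and IMAGE_FILE_32BIT_MACHINE but not IMAGE_FILE_DLL, so if the report's list is complete this ".dll" is a renamed EXE (it also imports ExitProcess, GetCommandLineW and GetStartupInfoW, which fits). The section table has `.text2` flagged IMAGE_SCN_MEM_EXECUTE together with IMAGE_SCN_CNT_INITIALIZED_DATA rather than IMAGE_SCN_CNT_CODE, plus two non-standard section names (`.rdata2`, `.text2`). The stdlib-only Python below is an added example, not part of the report or the sample: it parses the COFF header and section table, decodes both sets of flags, and applies those checks. Its input is a constructed minimal PE that mirrors the section layout and the four characteristics listed above (no real code, sizes approximate); the list of common section names and the triage rules are this example's own.

```python
import struct

# COFF FileHeader.Characteristics bits (subset, per the PE/COFF specification)
FILE_FLAGS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
# IMAGE_SECTION_HEADER.Characteristics bits (subset)
SCN_CODE, SCN_IDATA, SCN_UDATA = 0x20, 0x40, 0x80
SCN_DISCARD, SCN_EXEC, SCN_READ, SCN_WRITE = 0x02000000, 0x20000000, 0x40000000, 0x80000000
SECTION_FLAGS = {
    SCN_CODE: "IMAGE_SCN_CNT_CODE", SCN_IDATA: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    SCN_UDATA: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", SCN_DISCARD: "IMAGE_SCN_MEM_DISCARDABLE",
    SCN_EXEC: "IMAGE_SCN_MEM_EXECUTE", SCN_READ: "IMAGE_SCN_MEM_READ", SCN_WRITE: "IMAGE_SCN_MEM_WRITE",
}
# Names linkers commonly emit; anything else is only "worth a look", not proof of anything.
COMMON_SECTION_NAMES = {".text", ".rdata", ".data", ".idata", ".edata", ".rsrc",
                        ".reloc", ".bss", ".tls", ".pdata", ".CRT"}


def decode_flags(value, table):
    """Names of the bits set in value, lowest bit first."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse the DOS header pointer, COFF file header and section table into a dict."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    sec_off = coff + 20 + opt_size  # section table follows the optional header
    sections = []
    for i in range(nsec):
        name, vsize, _va, rsize, rptr, _, _, _, _, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, sec_off + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rsize, "raw_ptr": rptr,
                         "raw_flags": sflags, "flags": decode_flags(sflags, SECTION_FLAGS)})
    return {"machine": machine, "raw_characteristics": chars,
            "characteristics": decode_flags(chars, FILE_FLAGS), "sections": sections}


def triage(pe, filename):
    """Header-level oddities worth a second look; none is proof of malice on its own."""
    findings = []
    if filename.lower().endswith(".dll") and not pe["raw_characteristics"] & 0x2000:
        findings.append("extension is .dll but IMAGE_FILE_DLL is clear: renamed EXE or mislabeled sample")
    for s in pe["sections"]:
        f, n = s["raw_flags"], s["name"]
        if f & SCN_EXEC and not f & SCN_CODE:
            findings.append(f"{n}: executable but not flagged IMAGE_SCN_CNT_CODE")
        if f & SCN_EXEC and f & SCN_WRITE:
            findings.append(f"{n}: writable and executable (self-modifying code or unpacking stub?)")
        if n not in COMMON_SECTION_NAMES:
            findings.append(f"{n}: unusual section name")
        if s["raw_size"] == 0 and s["virtual_size"] > 0 and not f & SCN_UDATA:
            findings.append(f"{n}: no bytes on disk but {s['virtual_size']} bytes in memory (filled at run time?)")
    return findings


def build_sample():
    """Constructed minimal PE mirroring the section layout in the report above (headers only)."""
    layout = [  # name, virtual size, raw size, characteristics
        (b".text",   110 * 1024, 110 * 1024, SCN_CODE | SCN_EXEC | SCN_READ),
        (b".rdata",  225,        512,        SCN_IDATA | SCN_READ),
        (b".rdata2", 2048,       2048,       SCN_IDATA | SCN_READ),
        (b".data",   258 * 1024, 259 * 1024, SCN_IDATA | SCN_READ | SCN_WRITE),
        (b".text2",  1000,       1024,       SCN_IDATA | SCN_EXEC | SCN_READ),
        (b".rsrc",   159 * 1024, 160 * 1024, SCN_IDATA | SCN_READ),
        (b".reloc",  3 * 1024,   4 * 1024,   SCN_IDATA | SCN_DISCARD | SCN_READ),
    ]
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)  # e_lfanew at offset 0x3C -> PE header at 0x40
    opt = struct.pack("<H", 0x10B) + b"\0" * 222          # PE32 optional header, 224 bytes, rest zeroed
    chars = 0x0002 | 0x0004 | 0x0008 | 0x0100             # the four flags in the report, no IMAGE_FILE_DLL
    coff = struct.pack("<HHIIIHH", 0x14C, len(layout), 0, 0, 0, len(opt), chars)
    table, vaddr, rptr = b"", 0x1000, 0x400
    for name, vsize, rsize, flags in layout:
        table += struct.pack("<8sIIIIIIHHI", name, vsize, vaddr, rsize, rptr, 0, 0, 0, 0, flags)
        vaddr += (vsize + 0xFFF) & ~0xFFF
        rptr += rsize
    return dos + b"PE\0\0" + coff + opt + table


if __name__ == "__main__":
    pe = parse_pe(build_sample())
    print("characteristics:", ", ".join(pe["characteristics"]))
    for s in pe["sections"]:
        print(f"{s['name']:8} raw={s['raw_size']:7} virt={s['virtual_size']:7} {' '.join(s['flags'])}")
    for line in triage(pe, "sample.dll"):
        print("!", line)
```

To run it against the real file, replace `build_sample()` with the bytes read from disk; the parser reads only the headers, so it is safe on a hostile sample, but it does not follow the data directories, so imports still come from the report or a fuller parser.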