Static task: static1
Behavioral task: behavioral1
Sample: d94bbc62b2f345d98c2b69c6173a51e59e6e6d9581e5e6d51f46d35d8f3998c3.dll
Resource: win7-20220311-en
General
Target: d94bbc62b2f345d98c2b69c6173a51e59e6e6d9581e5e6d51f46d35d8f3998c3
Size: 355KB
MD5: f45d3e9f068eed28b41490774a7857e7
SHA1: d071a9ff48a7172081c3f89d0d5ae4016a523cf9
SHA256: d94bbc62b2f345d98c2b69c6173a51e59e6e6d9581e5e6d51f46d35d8f3998c3
SHA512: 3f005cada6a051500688164ff1f5c5b6043b5e402fbb969d7993f75b89ac26a55fa7bc0c9c60f0a077b9d7bade38b8d12e77529566acb3267cc69b64880d0f19
Malware Config
Signatures
Files
-
d94bbc62b2f345d98c2b69c6173a51e59e6e6d9581e5e6d51f46d35d8f3998c3.dll windows x86
d9b78b0b76a832581e74b03152d5c00c
Code Sign
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
GetModuleHandleW
GetLastError
LoadLibraryExW
CloseHandle
WaitForSingleObject
CreateEventW
FreeResource
GlobalFree
WideCharToMultiByte
GetVersionExW
FindNextFileW
FindClose
lstrlenA
GetFullPathNameW
FindFirstFileW
FlushFileBuffers
WriteFile
CreateFileW
ReadFile
GetFileSize
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcmpA
GetTickCount
GetStringTypeExW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
DeleteFileW
CreateDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
Sleep
WriteProcessMemory
ReadProcessMemory
VirtualProtect
IsBadCodePtr
IsBadReadPtr
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
MultiByteToWideChar
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetModuleFileNameA
GetStdHandle
HeapCreate
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
VirtualQuery
GetSystemInfo
GetModuleHandleA
GetSystemTimeAsFileTime
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapSize
HeapDestroy
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetVersionExA
SetEvent
LoadLibraryW
GetProcAddress
OutputDebugStringW
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
MulDiv
lstrcmpW
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcmpiW
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
lstrlenW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
DnsHostnameToComputerNameA
VerifyVersionInfoW
AddConsoleAliasW
SetCalendarInfoW
lstrcmpiA
LocalFree
LocalAlloc
SwitchToThread
GetVersion
lstrcpynW
IsValidLocale
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetLocaleInfoW
lstrcpyW
WaitForMultipleObjectsEx
VirtualQueryEx
TerminateThread
SystemTimeToTzSpecificLocalTime
SuspendThread
SetThreadPriority
SetThreadLocale
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
RemoveDirectoryW
GlobalFindAtomW
GlobalDeleteAtom
GlobalAddAtomW
GetWindowsDirectoryW
GetThreadPriority
GetTempPathW
GetLocalTime
GetFileAttributesExW
GetFileAttributesW
GetExitCodeThread
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThread
GetCPInfoExW
InterlockedExchangeAdd
FormatMessageW
FileTimeToDosDateTime
ExpandEnvironmentStringsW
EnumSystemLocalesW
EnumCalendarInfoW
DeviceIoControl
CreateProcessW
CopyFileW
user32
CharUpperW
GetWindowTextLengthA
GetMenuCheckMarkDimensions
CharLowerW
DestroyCursor
LoadCursorA
DialogBoxParamW
GetActiveWindow
AppendMenuW
RemoveMenu
DestroyWindow
EndDialog
SetWindowLongW
CreatePopupMenu
SetWindowPos
GetClientRect
CharNextA
GetParent
GetDlgItem
MapWindowPoints
SystemParametersInfoW
GetWindowRect
GetWindow
MessageBoxW
LoadStringW
SetMenuDefaultItem
PostQuitMessage
LoadStringA
TrackPopupMenuEx
MessageBeep
PtInRect
CheckDlgButton
GetDlgItemInt
IsDlgButtonChecked
SetDlgItemInt
EnableWindow
IsWindowEnabled
DrawTextW
CopyRect
InflateRect
GetWindowLongW
CharLowerBuffW
TranslateAcceleratorW
IsWindowVisible
SetMenu
SetRect
SetMenuItemInfoW
SetDlgItemTextW
CreateDialogParamW
GetWindowTextW
GetWindowTextLengthW
PostMessageW
ShowWindow
SendMessageW
GetClassInfoExW
LoadCursorW
DefWindowProcW
SetWindowTextW
CallWindowProcW
RegisterClassExW
RegisterWindowMessageW
CreateWindowExW
GetSysColor
CharNextW
MoveWindow
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
UnregisterClassA
RedrawWindow
SetCapture
IsChild
GetClassNameW
ReleaseCapture
FillRect
EndPaint
BeginPaint
GetDesktopWindow
DestroyAcceleratorTable
SetFocus
GetFocus
IsWindow
CreateAcceleratorTableW
wvsprintfW
DispatchMessageW
GetMenuItemID
IsMenu
GetMenuItemInfoW
GetMenuItemCount
GetSubMenu
TrackPopupMenu
MonitorFromPoint
GetMonitorInfoW
DestroyMenu
PostThreadMessageW
LoadMenuW
LoadAcceleratorsW
LoadImageW
PeekMessageW
GetMessageW
TranslateMessage
CloseDesktop
MessageBoxA
WindowFromPoint
WaitMessage
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMDISysAccel
TabbedTextOutW
ShowScrollBar
ShowOwnedPopups
ShowCaret
SetWindowRgn
SetWindowsHookExW
SetWindowPlacement
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetPropW
SetParent
SetKeyboardState
SetForegroundWindow
SetCursorPos
SetCursor
SetClipboardData
SetClassLongW
SetActiveWindow
SendMessageA
ScrollWindow
RemovePropW
RegisterClipboardFormatW
RegisterClassW
PeekMessageA
OpenClipboard
OffsetRect
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MapVirtualKeyW
LoadKeyboardLayoutW
LoadIconW
LoadBitmapW
KillTimer
IsZoomed
IsWindowUnicode
IsRectEmpty
IsIconic
IsDialogMessageA
IsDialogMessageW
IsClipboardFormatAvailable
IsCharAlphaNumericW
IsCharAlphaW
IntersectRect
InsertMenuItemW
InsertMenuW
HideCaret
GetWindowThreadProcessId
GetWindowPlacement
GetWindowDC
GetUpdateRect
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetMessagePos
GetMessageExtraInfo
GetMenuStringW
GetMenuState
GetMenuDefaultItem
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetDoubleClickTime
GetDlgCtrlID
GetDCEx
GetCursorPos
GetCursor
GetClipboardData
GetClassLongW
GetClassInfoW
GetCapture
GetAsyncKeyState
FrameRect
FindWindowExW
FindWindowW
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextExW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DestroyIcon
DeleteMenu
DefMDIChildProcW
DefFrameProcW
CreateMenu
CreateIconIndirect
CreateIcon
CountClipboardFormats
CopyImage
CloseClipboard
ChildWindowFromPoint
CheckMenuItem
CharUpperBuffW
CallNextHookEx
AdjustWindowRectEx
ActivateKeyboardLayout
EnumDisplayMonitors
MonitorFromWindow
gdi32
CloseMetaFile
EndDoc
AbortDoc
CloseEnhMetaFile
CloseFigure
GetMapMode
GetEnhMetaFileA
GetEnhMetaFileBits
GetStockObject
SetBkMode
SetViewportOrgEx
CreateFontIndirectW
SetBkColor
ExtTextOutW
GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
DeleteDC
DeleteObject
CreateCompatibleBitmap
SelectObject
ColorMatchToTarget
GetCharWidthI
SaveDC
GetTextCharset
GetRegionData
GetTextMetricsA
UpdateICMRegKeyW
EnumFontsA
GdiGetDevmodeForPage
EqualRgn
CreateDiscardableBitmap
UnrealizeObject
StretchDIBits
StretchBlt
StartPage
StartDocW
SetWindowOrgEx
SetWinMetaFileBits
SetTextColor
SetStretchBltMode
SetROP2
SetPixelV
SetPixel
SetPaletteEntries
SetMapMode
SetEnhMetaFileBits
SetDIBitsToDevice
SetDIBits
SetDIBColorTable
SetBrushOrgEx
SetAbortProc
SelectPalette
RoundRect
RestoreDC
ResizePalette
Rectangle
RectVisible
RealizePalette
Polyline
Polygon
PolyBezierTo
PolyBezier
PlayEnhMetaFile
Pie
PatBlt
OffsetRgn
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsW
GetTextExtentPointW
GetTextExtentPoint32W
GetSystemPaletteEntries
GetRgnBox
GetPixel
GetPaletteEntries
GetNearestPaletteIndex
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionW
GetDIBits
GetDIBColorTable
GetCurrentPositionEx
GetCurrentObject
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
FrameRgn
ExtFloodFill
ExtCreateRegion
ExcludeClipRect
EnumFontsW
EnumFontFamiliesExW
EndPage
Ellipse
DeleteEnhMetaFile
CreateRectRgn
CreatePenIndirect
CreatePalette
CreateICW
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
CreateDCW
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
CombineRgn
Chord
ArcTo
Arc
AngleArc
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegFlushKey
RegEnumValueW
shell32
ShellExecuteW
SHGetFileInfoW
SHFileOperationW
SHGetFolderPathW
SHFormatDrive
SHGetDiskFreeSpaceA
ExtractIconExA
DragQueryFileA
SHGetFolderPathA
SHFileOperation
Shell_NotifyIconW
DuplicateIcon
ExtractAssociatedIconA
DoEnvironmentSubstA
DragQueryFile
SHGetSpecialFolderLocation
SHFileOperationA
WOWShellExecute
SHGetFileInfoA
SHIsFileAvailableOffline
DragQueryFileAorW
SHLoadNonloadedIconOverlayIdentifiers
SHFreeNameMappings
SHInvokePrinterCommandA
Shell_NotifyIconA
SHGetDiskFreeSpaceExW
DragFinish
SHBrowseForFolder
SHEmptyRecycleBinA
DoEnvironmentSubstW
SHGetDataFromIDListA
SHInvokePrinterCommandW
SHGetDiskFreeSpaceExA
DragQueryFileW
SHBindToParent
ord680
ord153
ord16
ord24
ord25
ord18
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetDataFromIDListW
SHChangeNotify
ole32
CoInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
StringFromGUID2
CoUninitialize
ReleaseStgMedium
DoDragDrop
RevokeDragDrop
RegisterDragDrop
StringFromCLSID
CoInitializeEx
IsEqualGUID
shlwapi
PathRemoveFileSpecW
PathFileExistsW
PathIsDirectoryW
StrCmpNIA
StrStrIA
StrCmpNA
StrChrIW
comctl32
ImageList_Create
_TrackMouseEvent
ImageList_AddMasked
InitCommonControlsEx
InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Copy
ImageList_GetIcon
ImageList_Remove
ImageList_DrawEx
ImageList_Replace
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ord17
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 225B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata8 Size: 245KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 43KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ