7abade6b57d5e6f4d4fe3af225d5d98f13c0d0fca25590360fa15b08667448bc

Sharing

Copy URL Twitter E-mail

General

Target

7abade6b57d5e6f4d4fe3af225d5d98f13c0d0fca25590360fa15b08667448bc
Size

120KB
MD5

3a483d96fa7adc87d56e4df69570380c
SHA1

a06f93a9209ef2b862060da2c50e9aa671e33568
SHA256

7abade6b57d5e6f4d4fe3af225d5d98f13c0d0fca25590360fa15b08667448bc
SHA512

ebe54778880ebc8769f53a9974a577976f96f172441632b1f2f4cc1a13bea661c51d8d7255d5f6d72b9eb91de88d7bf00cc76ed0ae38d32574c55a13ac109f2d
SSDEEP

1536:f1mHkSfm5eMGdgbTF+dobwna6LQRc76ifVTes4CDusciI5b:fwESuGBdIsF0RM60VTes4CDusci6b

Score

N/A

Malware Config

Signatures

Files

7abade6b57d5e6f4d4fe3af225d5d98f13c0d0fca25590360fa15b08667448bc
.dll windows x86

dae7db6062a8f09bc9d142d35e37e908

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
CreateIoCompletionPort
ResetEvent
Sleep
WaitForSingleObject
WinExec
lstrcpyA
TerminateThread
lstrcatA
GetLocalTime
lstrcmpA
CreateProcessA
GetSystemDirectoryA
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
TerminateProcess
PeekNamedPipe
WaitForMultipleObjects
GetVersionExA
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
FreeLibrary
GetProcAddress
LoadLibraryA
OpenProcess
GetExitCodeThread
GetTickCount
SetErrorMode
FreeConsole
LocalSize
GetLastError
SetStdHandle
FindClose
LCMapStringW
GetQueuedCompletionStatus
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
SetEvent
CreateEventA
MoveFileA
WriteFile
SetFilePointer
ReadFile
CreateFileA
GetFileSize
CloseHandle
RemoveDirectoryA
InitializeCriticalSection
GetLogicalDriveStringsA
GetVolumeInformationA
lstrlenA
GetDiskFreeSpaceExA
GetDriveTypeA
DeleteFileA
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
GetEnvironmentStrings
FreeEnvironmentStringsW
LocalAlloc
FindFirstFileA
FreeEnvironmentStringsA
GetModuleFileNameA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
HeapCreate
HeapDestroy
HeapSize
ExitProcess
TlsGetValue
SetLastError
TlsFree
LocalReAlloc
FindNextFileA
LCMapStringA
LocalFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetModuleHandleA
RaiseException
HeapFree
GetVersion
DeleteCriticalSection
FlushFileBuffers
GetCommandLineA
WideCharToMultiByte
InterlockedIncrement
RtlUnwind
HeapAlloc
HeapReAlloc
InterlockedDecrement

user32

GetWindowTextA
GetActiveWindow
GetKeyNameTextA
GetFocus
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
ReleaseDC
GetDC
wsprintfA
CloseDesktop
GetDesktopWindow
SetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
CloseWindow
IsWindow
SendMessageA
CreateWindowExA
GetSystemMetrics
ExitWindowsEx
EnumWindows
IsWindowVisible
GetWindowThreadProcessId

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
CreateDCA
GetDIBits
SelectObject
CreateDIBSection
BitBlt
DeleteDC
DeleteObject

advapi32

RegCloseKey
RegOpenKeyExA
SetServiceStatus
RegisterServiceCtrlHandlerExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyA
RegQueryValueExA
RegQueryValueA

shell32

SHGetFileInfoA

dbghelp

MakeSureDirectoryPathExists

ws2_32

connect
htons
gethostbyname
socket
WSAGetLastError
inet_ntoa
closesocket
getpeername
getsockname
gethostname
WSARecv
WSAStartup
send
ntohs

imm32

ImmGetCompositionStringA
ImmReleaseContext
ImmGetContext

wininet

InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA

urlmon

URLDownloadToFileA

avicap32

capCreateCaptureWindowA

psapi

EnumProcessModules
GetModuleFileNameExA

Exports

Exports

ServiceMain

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae7db6062a8f09bc9d142d35e37e908

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

dbghelp

ws2_32

imm32

wininet

urlmon

avicap32

psapi

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 16KB

.shared Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 16KB

.shared
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB