eeeea84d707a2bacef580c40d07fceec71a7dc22b9a19c37d2acb4c4b2691275

Sharing

Copy URL

Twitter E-mail

General

Target

eeeea84d707a2bacef580c40d07fceec71a7dc22b9a19c37d2acb4c4b2691275
Size

640KB
MD5

bae6d8ef445aceee18fd8819b3e2c323
SHA1

907253ed246ba260f771bdb920030577d19c01d1
SHA256

eeeea84d707a2bacef580c40d07fceec71a7dc22b9a19c37d2acb4c4b2691275
SHA512

58bd320a6774ec615906d20d39f541c7098bceaa6885fc9cfbd0fecc408508c1a9e5e1af4ec50652f337a39fe8d78b2f8ae35f54d29b7bd7c2a4102427224650
SSDEEP

12288:ZVqbxK2ChJ9dXEJ7R2tyQAqGLugLQHiippcT1sSVK/5A77eWVb/UmlWiP:ZVqeJgGZG/LUPppcRXuA77eWVAmlWiP

Score

N/A

Malware Config

Signatures

Files

eeeea84d707a2bacef580c40d07fceec71a7dc22b9a19c37d2acb4c4b2691275
.dll windows x86

16498a5799398cbd932e4fded3a61a19

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohl
htonl
ntohs
htons

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
CreateDirectoryW
HeapFree
EnterCriticalSection
GetStdHandle
WriteFile
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
CreateFileW
GetCurrentThreadId
HeapSize
MultiByteToWideChar
GetConsoleMode
GetLastError
OutputDebugStringW
HeapReAlloc
CloseHandle
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
WriteConsoleW
DeleteCriticalSection
GetProcessHeap
WideCharToMultiByte
FindFirstFileW
FindClose
SetFileAttributesW
IsBadWritePtr
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
SetStdHandle
WaitForSingleObject
CreateEventW
SetEvent
ResetEvent
GetFileTime
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
GetTickCount
OpenEventA
DisableThreadLibraryCalls
GetCurrentProcessId
CreateProcessW
GetModuleHandleW
ReadFile
ExpandEnvironmentStringsW
DeleteFileW
GetFileSize
GetVolumeInformationW
DeviceIoControl
GetDiskFreeSpaceExW
LoadLibraryExW
Sleep
CreateFileA
CreateMutexA
OpenMutexA
TerminateThread
CreateThread
CreateEventA
GetModuleFileNameA
GetModuleHandleA
LoadLibraryA
GetVersionExW
GetConsoleCP
GetFileType
GetACP
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
RtlUnwind
InitializeSListHead
QueryPerformanceCounter
FlushFileBuffers
SetFilePointerEx
ReadConsoleW
SetLastError
SetEndOfFile
GetCommandLineA
GetOEMCP
IsValidCodePage
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
IsDebuggerPresent
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FindNextFileA
FindFirstFileExA
EnumSystemLocalesW
GetUserDefaultLCID
EncodePointer
IsValidLocale

user32

GetMessageW
DispatchMessageW
TranslateAcceleratorW
TranslateMessage
PostThreadMessageW
DefWindowProcW
DestroyWindow
CreateWindowExW
SetWindowLongW
SendMessageW
CallWindowProcW

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA

oleaut32

SysStringLen
SysAllocStringLen
SysAllocStringByteLen
SysAllocString
SysStringByteLen
SysFreeString

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathAppendW
PathIsDirectoryW
PathAddBackslashW
PathAppendA
PathRemoveFileSpecA

wininet

HttpQueryInfoW
InternetCloseHandle
InternetGetConnectedState
InternetReadFile
InternetOpenUrlW
InternetOpenW

netapi32

NetApiBufferFree
Netbios
NetWkstaTransportEnum

Exports

Exports

GetInterFaceFactory
InitManager
UnInitManager

Sections

.text
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tvm0
Size: 273KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16498a5799398cbd932e4fded3a61a19

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

oleaut32

shlwapi

wininet

netapi32

Exports

Exports

Sections

.text Size: 244KB - Virtual size: 244KB

.rdata Size: 75KB - Virtual size: 74KB

.data Size: 5KB - Virtual size: 9KB

.gfids Size: 1024B - Virtual size: 548B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1024B - Virtual size: 832B

.tvm0 Size: 273KB - Virtual size: 276KB

.reloc Size: 13KB - Virtual size: 16KB

.text
Size: 244KB - Virtual size: 244KB

.rdata
Size: 75KB - Virtual size: 74KB

.data
Size: 5KB - Virtual size: 9KB

.gfids
Size: 1024B - Virtual size: 548B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1024B - Virtual size: 832B

.tvm0
Size: 273KB - Virtual size: 276KB

.reloc
Size: 13KB - Virtual size: 16KB