1eda0adefb2e0d3b269b70de79c3a493daaff5a6afc11e4bc04635b2b1d69948

Sharing

Copy URL Twitter E-mail

General

Target

1eda0adefb2e0d3b269b70de79c3a493daaff5a6afc11e4bc04635b2b1d69948
Size

660KB
MD5

59739de4f14ca80d383502c9ceac4cd9
SHA1

a003d636a69f85af8914495e026572c7d8cfce4b
SHA256

1eda0adefb2e0d3b269b70de79c3a493daaff5a6afc11e4bc04635b2b1d69948
SHA512

cbb7a3cee02e96855edb66e002e7e30e55985f4666e95c4708202a74e0a0ae398079c1d140b3d5edbc52f2c004d06e39fffcdb9633162d9b8a4a9d09b3d8fb00
SSDEEP

12288:PZ02dioDueNBAe/Ew0vOi3Sz3P5QU7HyirXv1OTMEhLAEc8B+XLEqIeX6gAy/j:xw9e9/YGOSVQpir/1OPAVXMeBAGj

Score

N/A

Malware Config

Signatures

Files

1eda0adefb2e0d3b269b70de79c3a493daaff5a6afc11e4bc04635b2b1d69948
.dll windows x86

12417e76af468159503b8e5ed44b08c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

closesocket
send
recv
connect
inet_ntoa
WSACleanup
htons
gethostbyname
socket
WSAStartup

wininet

InternetGetCookieA
InternetReadFile
HttpQueryInfoA
HttpSendRequestW
HttpAddRequestHeadersA
InternetSetOptionW
InternetQueryOptionW
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCrackUrlA
InternetCloseHandle
InternetSetCookieW

kernel32

FindResourceW
FindResourceExW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
WideCharToMultiByte
GetLastError
lstrlenA
MultiByteToWideChar
InterlockedDecrement
GetProcAddress
LoadLibraryW
GetModuleFileNameW
FreeLibrary
GetModuleHandleW
lstrcmpiW
LoadLibraryExW
InterlockedIncrement
CreateEventW
CreateThread
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
CloseHandle
SetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
TerminateThread
ResetEvent
Sleep
CreateMutexW
ReleaseMutex
GetThreadPriority
GetCurrentThread
GetStringTypeW
GetStringTypeA
LCMapStringA
SetFilePointer
GetLocaleInfoA
GetModuleHandleA
GetTimeZoneInformation
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LoadResource
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GetStartupInfoA
SetHandleCount
GetConsoleMode
GetConsoleCP
GetFileType
SetStdHandle
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStdHandle
WriteFile
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualProtect
ExitProcess
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
InterlockedCompareExchange
GetProcessHeap
HeapFree
GlobalAddAtomA
LockResource
SizeofResource
SetEnvironmentVariableA
CompareStringW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
GetConsoleOutputCP
WriteConsoleA
WriteConsoleW
FlushFileBuffers
ReadFile
CreateFileA
CompareStringA
GetEnvironmentStringsW

user32

SetTimer
PostMessageW
MsgWaitForMultipleObjects
KillTimer
GetParent
DialogBoxParamW
IsDlgButtonChecked
CheckDlgButton
EnableWindow
GetActiveWindow
SendMessageW
GetClientRect
GetDlgItem
FindWindowW
UnregisterClassA
SetDlgItemTextW
SetWindowLongW
GetFocus
CharNextW
GetWindowLongW
DefWindowProcW
CallWindowProcW
PostThreadMessageW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
RegisterClassExW
LoadCursorW
DestroyAcceleratorTable
GetDesktopWindow
CheckRadioButton
ShowWindow
SendDlgItemMessageW
EndDialog
GetDlgItemTextW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
MapWindowPoints
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
BeginPaint
EndPaint
IsChild
ReleaseDC
SetFocus
GetWindow
IsWindow
GetClassNameW
GetSysColor
SetWindowPos
RedrawWindow
GetClassInfoExW
CreateWindowExW
DestroyWindow
CreateAcceleratorTableW
ClientToScreen
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
FillRect
InvalidateRgn
InvalidateRect
GetDC

gdi32

CreateCompatibleBitmap
SelectObject
DeleteObject
CreateCompatibleDC
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps
BitBlt
CreateSolidBrush

advapi32

RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegEnumValueW
RegCloseKey
RegCreateKeyExW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

OleUninitialize
CoGetClassObject
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
StringFromGUID2
OleLockRunning
OleInitialize
CLSIDFromString
CLSIDFromProgID

oleaut32

VariantChangeType
VariantCopy
VarBstrCmp
SysAllocStringLen
VariantClear
LoadTypeLi
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect
VarUI4FromStr
SysFreeString
SysAllocString
VariantInit

shlwapi

PathAppendW
PathRemoveFileSpecW

crypt32

CertCloseStore

secur32

EncryptMessage
FreeContextBuffer
DeleteSecurityContext
AcquireCredentialsHandleW
QueryContextAttributesW
DecryptMessage
InitializeSecurityContextW
ApplyControlToken
FreeCredentialsHandle

Exports

Exports

IsUnicode
PlugCreate
PlugInit
PlugInvoke
PlugTerm

Sections

.text
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 195KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

12417e76af468159503b8e5ed44b08c9

Headers

File Characteristics

Imports

wsock32

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

crypt32

secur32

Exports

Exports

Sections

.text Size: 313KB - Virtual size: 312KB

.rdata Size: 104KB - Virtual size: 104KB

.data Size: 13KB - Virtual size: 22KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 27KB - Virtual size: 26KB

.text Size: 195KB - Virtual size: 196KB

.text
Size: 313KB - Virtual size: 312KB

.rdata
Size: 104KB - Virtual size: 104KB

.data
Size: 13KB - Virtual size: 22KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 27KB - Virtual size: 26KB

.text
Size: 195KB - Virtual size: 196KB