2f5a219e2f526a0cad26c0e2189419cd3b19041a2f215fb25f26b82f19b11f43

Sharing

Copy URL Twitter E-mail

General

Target

2f5a219e2f526a0cad26c0e2189419cd3b19041a2f215fb25f26b82f19b11f43
Size

172KB
MD5

6d1c4b1ea49cde332091cdaa0161bcb8
SHA1

3b5b65c1bd000ac9e2d8d42de6da3ac29f58b48f
SHA256

2f5a219e2f526a0cad26c0e2189419cd3b19041a2f215fb25f26b82f19b11f43
SHA512

d079ec155d0e7b6ebc9703c52bebcc2adf60960794ab6279ff14d5fbd0859a04a51fffa40974bd12aaf56bd1e7e337b76a1fc157b6d7e0f7139bf3c72ebbb905
SSDEEP

3072:p7a5+/OQd2XvJ6GtBEu6z4OCW64Ky4G1qlxNFlS0ltpI+hFmK0temsCsgO:p7a0OQd2Xv0OB/4Ky4G4lxNCMhFm+bD

Score

N/A

Malware Config

Signatures

Files

2f5a219e2f526a0cad26c0e2189419cd3b19041a2f215fb25f26b82f19b11f43
.dll windows x86

eeed51c8cea745f8ad73f4d260ebdbf6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLCID
DebugBreak
IsDebuggerPresent
CreateThread
WriteFile
FreeResource
SizeofResource
SetLastError
SetEvent
WaitForSingleObject
FreeLibrary
CreateEventW
lstrcpyW
lstrcpynW
GetProcAddress
LoadLibraryW
OutputDebugStringA
GetLocalTime
QueryPerformanceFrequency
RegisterWaitForSingleObject
InitializeCriticalSectionAndSpinCount
UnregisterWaitEx
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetSystemInfo
FindResourceW
LockResource
LoadResource
UpdateResourceW
GlobalHandle
CloseHandle
InterlockedIncrement
InterlockedDecrement
lstrlenW
FindResourceExW
GetCurrentProcess
GetCurrentThread
OutputDebugStringW
lstrcmpW
GlobalUnlock
GlobalLock
CreateProcessW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FormatMessageW
GetCurrentThreadId
DeleteCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
lstrcmpiW
WriteProfileStringW
GetProfileStringW
BuildCommDCBW
GetLastError
LocalAlloc
LocalFree
DisableThreadLibraryCalls
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcessHeap
GetCommandLineA
GlobalFree
GlobalAlloc
lstrcatW
VirtualProtect

user32

DeleteMenu
CheckMenuItem
SetWindowTextW
GetMessagePos
MapWindowPoints
SetFocus
EnableMenuItem
InvalidateRect
GetSysColor
RemoveMenu
DestroyMenu
TrackPopupMenu
GetMenuItemCount
GetSubMenu
GetMenu
DefWindowProcW
SendDlgItemMessageW
PeekMessageW
GetMenuItemInfoW
SetMenuItemInfoW
SetDlgItemInt
GetCursor
ChildWindowFromPoint
EnumChildWindows
GetDlgItemTextW
SetDlgItemTextW
LoadAcceleratorsW
RegisterClassW
PostThreadMessageW
PostQuitMessage
DestroyAcceleratorTable
RegisterWindowMessageW
GetClientRect
GetFocus
ReleaseDC
GetDC
IsWindow
OffsetRect
PtInRect
SetRect
GetSystemMetrics
SetCursor
LoadCursorW
ClientToScreen
GetWindowRect
DestroyIcon
CopyIcon
GetIconInfo
LoadImageW
FillRect
LoadIconW
GetClassNameW
EqualRect
SendNotifyMessageW
GetDlgItem
ShowWindow
EnableWindow
SendMessageW
LoadStringW
GetWindowLongW
EndDialog
SetWindowLongW
DefDlgProcW
UnionRect
DestroyWindow
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetCaretPos
SetCaretPos
IsRectEmpty
MonitorFromWindow
GetMonitorInfoW
SetWindowPos
PostMessageW
GetParent
MessageBoxIndirectW
SystemParametersInfoW

advapi32

RegOpenKeyExW
RegOpenKeyW
RegEnumValueW
RegQueryValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetTraceEnableLevel
GetTraceLoggerHandle
FreeSid
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
CheckTokenMembership
GetTraceEnableFlags
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExW
RegCloseKey

gdi32

DeleteObject
CreateCompatibleDC
SelectObject
DeleteDC
CreateDIBitmap
GetDIBits
CreatePen
GetTextColor
GetStockObject
CreateSolidBrush
SetBkMode
PatBlt
GetTextMetricsW
SetWorldTransform
SetMapMode
SetGraphicsMode
DPtoLP
LPtoDP
ModifyWorldTransform
LineTo
MoveToEx
GetObjectW
GetCurrentObject
SetTextColor
CreateDCW

ole32

CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CLSIDFromString
CoCreateInstance
CoCreateGuid
CoInitializeEx
CoInitialize
CoUninitialize

msvcr71

_except_handler3
_amsg_exit
free
_XcptFilter
memset
memmove
malloc
_vsnwprintf
memcpy
_onexit
_adjust_fdiv
_callnewh
_CxxThrowException
_wcsnicmp
wcslen
wcschr
_wcsicmp
_unlock
realloc
_vsnprintf
_lock
__dllonexit
_initterm
__CppXcptFilter

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eeed51c8cea745f8ad73f4d260ebdbf6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 36KB - Virtual size: 69KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 36KB - Virtual size: 69KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB