89343e6dbd6d9c7eff127645ea01a513783ddab11e0dc08b580d15936040a7f9

Sharing

Copy URL Twitter E-mail

General

Target

89343e6dbd6d9c7eff127645ea01a513783ddab11e0dc08b580d15936040a7f9
Size

308KB
MD5

6b28e4ee860bb258eee3a3608a5bbf50
SHA1

2b24138345ecf5d70bec811e30228d6ea6c4252a
SHA256

89343e6dbd6d9c7eff127645ea01a513783ddab11e0dc08b580d15936040a7f9
SHA512

1491dae0ca57cad7505db850a13760d3e2500d25f87735b2145dc566011e499d6bc66c0d6dab28b252b6abb34b6c72a9dcc2369c16f0337033be1b397d11b497
SSDEEP

3072:0olG+j0Clz6ZQczwf+/uTzIkMQLp7cNFGTIG60QamK2FqtlW9aQ3WS2jbxWGqNp:0olGg0C1czn/9KzTx6qt2F8QmSbGq

Score

N/A

Malware Config

Signatures

Files

89343e6dbd6d9c7eff127645ea01a513783ddab11e0dc08b580d15936040a7f9
.dll windows x86

06fa7973e70490412f12e7377fdcae93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MulDiv
MultiByteToWideChar
OutputDebugStringA
GlobalAlloc
QueryPerformanceCounter
RaiseException
ReadFile
SetCurrentDirectoryW
SetLastError
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
VirtualProtect
VirtualQuery
WriteFile
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
GetWindowsDirectoryW
GetVersionExW
GetVersionExA
GetVersion
GetUserDefaultUILanguage
GetTickCount
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryW
GetStartupInfoW
GetProcessHeap
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLongPathNameW
GetLocaleInfoW
GetLastError
GetFullPathNameW
GetFileTime
GetFileSize
GetFileAttributesW
GetFileAttributesA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCommandLineW
GetAtomNameW
FreeLibrary
FormatMessageW
FlushInstructionCache
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FindAtomW
ExpandEnvironmentStringsW
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
DeleteAtom
CreateProcessW
CreateFileW
CreateDirectoryW
CompareStringW
CloseHandle
AddAtomW
OutputDebugStringW
VirtualAlloc

user32

GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessagePos
GetMessageTime
GetMonitorInfoW
GetNextDlgTabItem
GetParent
GetSubMenu
GetKeyState
GetSysColorBrush
GetSystemMenu
GetWindow
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GrayStringW
InflateRect
InsertMenuW
IntersectRect
InvalidateRect
InvalidateRgn
IsChild
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadImageW
LoadMenuW
LoadStringW
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
MonitorFromPoint
MoveWindow
NotifyWinEvent
OffsetRect
PeekMessageW
PostMessageA
PostMessageW
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassExW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageA
SendMessageTimeoutW
SendMessageW
SetActiveWindow
SetCapture
SetClipboardViewer
SetCursor
SetFocus
SetForegroundWindow
SetMenu
SetMenuDefaultItem
SetMenuItemInfoW
SetParent
SetRect
SetRectEmpty
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TabbedTextOutW
TrackPopupMenuEx
TranslateAcceleratorW
UnhookWindowsHookEx
UnionRect
UpdateWindow
WinHelpW
wsprintfW
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
FindWindowExW
FillRect
EqualRect
EnumThreadWindows
EnumChildWindows
EndPaint
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextW
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DestroyWindow
DestroyMenu
DestroyIcon
DestroyAcceleratorTable
DeleteMenu
DeferWindowPos
DefWindowProcW
DefWindowProcA
CreateWindowExW
CreatePopupMenu
CreateIconIndirect
CreateAcceleratorTableW
CopyRect
CopyImage
CopyIcon
ClientToScreen
ChildWindowFromPointEx
CharUpperW
CharNextW
CharLowerW
ChangeClipboardChain
CallWindowProcW
CallNextHookEx
BringWindowToTop
BeginPaint
BeginDeferWindowPos
AppendMenuW
AdjustWindowRectEx
LoadIconW
LoadCursorW
LoadIconA
LoadCursorA
GetSystemMetrics
GetSysColor

gdi32

DeleteObject
Escape
ExtTextOutA
ExtTextOutW
FillRgn
GetBrushOrgEx
GetDIBits
GetDeviceCaps
GetLayout
GetObjectA
GetObjectW
GetPixel
GetTextExtentPoint32W
GetTextMetricsW
LPtoDP
OffsetRgn
PatBlt
DeleteEnhMetaFile
PtInRegion
PtVisible
RealizePalette
RectVisible
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetLayout
SetStretchBltMode
SetTextAlign
SetTextColor
StretchBlt
StretchDIBits
TextOutW
PlayEnhMetaFile
GetStockObject
CreateSolidBrush
CreateRectRgn
CreatePolygonRgn
CreatePatternBrush
CreateHalftonePalette
CreateFontIndirectW
CreateDIBSection
CreateDIBPatternBrushPt
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC

advapi32

RegOpenKeyExW

shell32

ShellAboutW
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetFolderPathW
ExtractIconW
ExtractIconExW
ShellExecuteExW

ole32

CoCreateGuid
CoCreateInstance
CoDisconnectObject
CoFreeUnusedLibraries
CoGetClassObject
CoGetMalloc
CoInitializeEx
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
DoDragDrop
GetHGlobalFromStream
OleInitialize
OleLockRunning
OleRun
OleUninitialize
ProgIDFromCLSID
RegisterDragDrop
RevokeDragDrop
StgOpenStorageOnILockBytes
StringFromCLSID
StringFromGUID2
CLSIDFromProgID
CLSIDFromString

shlwapi

PathFindFileNameW

Sections

.text
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06fa7973e70490412f12e7377fdcae93

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 256KB - Virtual size: 256KB

.text3 Size: 1024B - Virtual size: 1012B

.text2 Size: 11KB - Virtual size: 10KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 256KB - Virtual size: 256KB

.text3
Size: 1024B - Virtual size: 1012B

.text2
Size: 11KB - Virtual size: 10KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 2KB - Virtual size: 2KB