c17f3f995bd1b47bb77be310896df3c9c3fe3cc30e22ab24f99cf03c8960b452

Sharing

Copy URL

Twitter E-mail

General

Target

c17f3f995bd1b47bb77be310896df3c9c3fe3cc30e22ab24f99cf03c8960b452
Size

532KB
MD5

67446659ce50c5d8f2150a15363ce560
SHA1

0640702a636694b27422af6165b2575344dc869a
SHA256

c17f3f995bd1b47bb77be310896df3c9c3fe3cc30e22ab24f99cf03c8960b452
SHA512

8d8a2496ee33cfedf3d90f33f43d83e7f567f436b3704ad26d8159eb55cd97385342084ce44bef5b43fdf3e7de380963f0f25e8c90d73ab6de63b1b085c68d3e
SSDEEP

3072:e3G9u8k93q/q6b6YJC6SbPJcifrLDg7s6MSXZ3cS9v0A/Q+DCoojI9Vxykx80mV1:0G05tqrXsciu6S9cU0iQ5oAI9EV

Score

N/A

Malware Config

Signatures

Files

c17f3f995bd1b47bb77be310896df3c9c3fe3cc30e22ab24f99cf03c8960b452
.dll windows x86

3fe38d3c554521c2bf01e16d4bf15b1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
Sleep
WriteProcessMemory
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualProtectEx
VirtualFree
VirtualAlloc
UnmapViewOfFile
TerminateThread
TerminateProcess
SystemTimeToFileTime
SuspendThread
Sleep
SetThreadPriority
SetThreadContext
SetThreadAffinityMask
SetPriorityClass
SetLastError
SetFileAttributesW
SetEvent
SetErrorMode
ResumeThread
ResetEvent
ReleaseMutex
ReadProcessMemory
ReadFile
PulseEvent
OpenProcess
OpenFileMappingA
OpenEventA
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryExA
LoadLibraryExW
LoadLibraryA
LoadLibraryW
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalLock
GlobalFree
GlobalAlloc
GetVersion
GetTimeZoneInformation
GetTickCount
GetThreadPriority
GetThreadContext
GetSystemDirectoryA
GetSystemDirectoryW
GetStartupInfoW
GetProcessVersion
GetProcAddress
GetPriorityClass
GetModuleHandleA
GetModuleHandleW
GetModuleFileNameA
GetModuleFileNameW
GetLastError
GetFileSize
GetFileAttributesA
GetFileAttributesW
GetExitCodeThread
GetExitCodeProcess
GetDriveTypeW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
GetCommandLineW
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FlushViewOfFile
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
ExitProcess
EnterCriticalSection
DuplicateHandle
DeleteFileW
DeleteCriticalSection
CreateThread
CreateSemaphoreW
CreateProcessW
CreateMutexA
CreateMutexW
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateEventA
CreateEventW
CompareFileTime
CloseHandle
GetLongPathNameW

user32

CreateWindowExA
wvsprintfW
WaitForInputIdle
TranslateMessage
TrackPopupMenuEx
SystemParametersInfoW
ShowWindow
ShowOwnedPopups
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetPropA
SetParent
SetForegroundWindow
SetClassLongW
SendMessageTimeoutA
SendMessageCallbackA
SendMessageA
SendMessageW
RemovePropA
ReleaseDC
RegisterClassA
PostThreadMessageA
PostMessageA
OffsetRect
MsgWaitForMultipleObjects
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsIconic
GetWindowThreadProcessId
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetTopWindow
GetSubMenu
GetPropA
GetParent
GetWindow
GetMessageW
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetMenu
GetForegroundWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameA
GetClassLongW
GetAsyncKeyState
FindWindowExA
FindWindowExW
FindWindowW
EnumWindows
EnumThreadWindows
EnableWindow
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DefWindowProcA
CreatePopupMenu
ChildWindowFromPointEx
AttachThreadInput
AdjustWindowRectEx

gdi32

GetDeviceCaps

advapi32

RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
GetTokenInformation
GetLengthSid
AdjustTokenPrivileges
OpenProcessToken
GetKernelObjectSecurity

ole32

CreateStreamOnHGlobal
CreateBindCtx
MkParseDisplayName
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
GetHGlobalFromStream
CreateStreamOnHGlobal

comctl32

ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
ImageList_Write

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetMalloc
SHGetDesktopFolder
Shell_NotifyIconW
SHGetFileInfoA
SHGetFileInfoW
ExtractIconExA

Exports

Exports

_TuneUpAPI_InitModule@4

Sections

.text
Size: 467KB - Virtual size: 466KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 188B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fe38d3c554521c2bf01e16d4bf15b1d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

comctl32

shell32

Exports

Exports

Sections

.text Size: 467KB - Virtual size: 466KB

.itext Size: 1KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 188B

.idata Size: 42KB - Virtual size: 41KB

.edata Size: 512B - Virtual size: 92B

.reloc Size: 17KB - Virtual size: 16KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 467KB - Virtual size: 466KB

.itext
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 188B

.idata
Size: 42KB - Virtual size: 41KB

.edata
Size: 512B - Virtual size: 92B

.reloc
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 2KB - Virtual size: 2KB