07bb295037ab359074abb107c46899475ca61b32a1a6517c0fbace42b206d505

Sharing

Copy URL Twitter E-mail

General

Target

07bb295037ab359074abb107c46899475ca61b32a1a6517c0fbace42b206d505
Size

264KB
MD5

03384a92008777f881d43c1fbd0062b0
SHA1

96490344127f31040ee3c527441d993f7a3a819a
SHA256

07bb295037ab359074abb107c46899475ca61b32a1a6517c0fbace42b206d505
SHA512

f9c4e6bbba4472b646ceeea98b6bc5023f895e399d34430009bc873f95fba83ed0e730ae99058bb9df57a0edb689fd15cc5fa95a060eaa5b3dca17fa2840983d
SSDEEP

3072:Gyv1xnsnwYO6bbrSlg9tiZs6hTZCY1X2scvjTLjIbhAKe4CbOa0E:JXnsn7bbrh9tiO6hlCY1X2scvofcO

Score

N/A

Malware Config

Signatures

Files

07bb295037ab359074abb107c46899475ca61b32a1a6517c0fbace42b206d505
.dll windows x86

ce39fb5b80c124192139607829bf3ea9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
FindFirstFileA
MultiByteToWideChar
GetModuleHandleA
InterlockedDecrement
SetProcessWorkingSetSize
GetCurrentProcess
CreateFileA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcAddress
LoadLibraryA
CreateDirectoryA
ReadFile
GetFullPathNameA
SetCurrentDirectoryA
LocalFree
WideCharToMultiByte
DisableThreadLibraryCalls
FindNextFileA
GetLastError
FindClose
CreateToolhelp32Snapshot
Process32First
CloseHandle
GetFileSize
OpenFile
DeleteFileA
lstrlenA
GetModuleFileNameA
GetTickCount
Sleep
QueryDosDeviceA
OpenProcess
Process32Next

user32

GetCursorPos
GetClientRect
EndDialog
SetWindowPos
BringWindowToTop
SetForegroundWindow
SetWindowPlacement
EndPaint
BeginPaint
PostMessageA
ScreenToClient
SetCursor
LoadCursorA
LoadBitmapA
DialogBoxParamA
CreateWindowExA
SendMessageA
KillTimer
SetTimer
GetDlgItem
SetWindowLongA
ShowWindow
GetWindowRect
wsprintfA
CreateDialogParamA
InvalidateRect
GetWindowLongA
TranslateMessage
DispatchMessageA
GetSystemMetrics
SystemParametersInfoA
MoveWindow
SetWindowTextA
GetWindowPlacement
GetMessageA

gdi32

CreateCompatibleDC
SelectObject
GetObjectA
PtInRegion
DeleteObject
DeleteDC
SetBkMode
CreateCompatibleBitmap
CreateRectRgn
BitBlt

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteA

msvcp60

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcrt

strchr
localtime
_CxxThrowException
??0exception@@QAE@ABQBD@Z
_stricmp
_strupr
memcpy
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
memcmp
atoi
time
_adjust_fdiv
malloc
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
free
fprintf
fgets
sscanf
rand
wcslen
_ftol
strcat
_access
_beginthread
_getsystime
strcpy
memset
??2@YAPAXI@Z
strstr
strlen
getenv
__CxxFrameHandler
rename
fwrite
fseek
fclose
fopen
sprintf
isdigit
tolower
_beginthreadex
strncpy
srand
mktime

dbghelp

MakeSureDirectoryPathExists

ws2_32

recvfrom
select
inet_ntoa
gethostbyname
sendto
closesocket
WSACleanup
WSAStartup
socket

psapi

GetProcessImageFileNameA

advapi32

RegCloseKey
RegOpenKeyExA

ole32

CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantClear
VariantChangeType
VariantCopy

atl

ord47

wininet

HttpSendRequestA
InternetConnectA
HttpOpenRequestA
InternetSetOptionA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetGetConnectedState
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA
HttpAddRequestHeadersA

Exports

Exports

DllMainFunc
DllWebAspect

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ce39fb5b80c124192139607829bf3ea9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

msvcp60

msvcrt

dbghelp

ws2_32

psapi

advapi32

ole32

oleaut32

atl

wininet

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 132KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 12KB - Virtual size: 8KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 136KB - Virtual size: 132KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 12KB - Virtual size: 8KB

.rmnet
Size: 60KB - Virtual size: 60KB