876ecf3131c3a1d80a02c38c0e774a5a60ae8c2c9c3d8b6a85c1bb9fd0a2d712

Sharing

Copy URL Twitter E-mail

General

Target

876ecf3131c3a1d80a02c38c0e774a5a60ae8c2c9c3d8b6a85c1bb9fd0a2d712
Size

154KB
MD5

327ce62fe147dd9c81a3ad8d70c43355
SHA1

403c737442f49f9c80caf01059f6f284d7ee4f4e
SHA256

876ecf3131c3a1d80a02c38c0e774a5a60ae8c2c9c3d8b6a85c1bb9fd0a2d712
SHA512

37a22ba89b54ace7c05da613fb6c7dbb529675550130d98743febc5a918d111e944c6dcb989b75d8ec63edb7b02a6aedea43995789b73975651cab46db8bbff0
SSDEEP

3072:/aOCHiBbqUY4IIGiv3sjyklo/XQz2jzpjJUXJ:/5CHiBbhY4I8vYPPaj9VYJ

Score

N/A

Malware Config

Signatures

Files

876ecf3131c3a1d80a02c38c0e774a5a60ae8c2c9c3d8b6a85c1bb9fd0a2d712
.dll windows x86

f18608bc6d92307149c135b5814df215

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushInstructionCache
RaiseException
lstrcmpiW
GlobalUnlock
SetLastError
OutputDebugStringA
lstrcpynW
HeapDestroy
lstrcatW
LoadResource
FindResourceW
VirtualFree
QueryPerformanceCounter
DuplicateHandle
ResetEvent
FindResourceExW
MapViewOfFile
CreateFileMappingW
GetLocaleInfoW
UnmapViewOfFile
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetDriveTypeW
QueryDosDeviceW
GetProfileStringW
GetDiskFreeSpaceW
FindFirstFileW
FindNextChangeNotification
FindCloseChangeNotification
GetFileAttributesExW
GetFileInformationByHandle
SetFileTime
SetFileAttributesW
MoveFileW
SetEndOfFile
SetFilePointer
LockFileEx
LockFile
UnlockFile
ResumeThread
GetComputerNameA
WaitForMultipleObjectsEx
SetCommState
GetCommState
WaitCommEvent
SetCommTimeouts
GetCommTimeouts
GetCommMask
QueueUserWorkItem
FlushFileBuffers
DeviceIoControl
VirtualQuery
TlsFree
TlsAlloc
GetComputerNameW
OutputDebugStringW
GetTimeZoneInformation
WaitForMultipleObjects
OpenThread
TlsGetValue
TlsSetValue
GetStartupInfoA
SearchPathW
CompareStringW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetExitCodeThread
GetModuleHandleW
GetLastError
GetModuleFileNameW
ActivateActCtx
ReleaseActCtx
DisableThreadLibraryCalls
CloseHandle
WaitForSingleObject
CreateEventW
SetEvent
SetThreadPriority
GetCurrentThread
GetTempPathW
UnhandledExceptionFilter
Sleep
WideCharToMultiByte
GetShortPathNameW
HeapFree
GetProcessHeap
HeapAlloc
FreeLibrary
LocalAlloc
CreateFileW
GetFileSize
DeleteFileW
GlobalAlloc
GlobalLock
lstrlenW
IsProcessorFeaturePresent
TransmitCommChar
FindClose
ExpandEnvironmentStringsW
lstrcmpW
MulDiv
GetSystemInfo
VirtualAlloc
VirtualProtect
GetFileAttributesW
WriteFile
GetSystemDirectoryW
LocalFree
lstrlenA
FindNextFileW
lstrcpyW
GetCommModemStatus
ClearCommError
GetCommConfig
CreateDirectoryW
SetErrorMode
FreeLibraryAndExitThread
GetOverlappedResult
GlobalAddAtomW
GlobalDeleteAtom
GlobalFree
GlobalHandle
FreeResource
GetACP
CreateMutexW
lstrcmpiA
VerifyVersionInfoW
SystemTimeToFileTime
lstrcmpA
GetSystemDirectoryA
GetSystemDefaultLangID
GetFullPathNameW
CreateSemaphoreW
SizeofResource
CreateThread
CancelIo
LockResource
BindIoCompletionCallback

user32

GetLastInputInfo
RegisterClassExW
UnregisterDeviceNotification
BeginPaint
EndPaint
IntersectRect
EqualRect
SetWindowRgn
SetWindowPos
CharLowerW
GetParent
ShowWindow
GetWindowLongW
SetFocus
SetTimer
MsgWaitForMultipleObjectsEx
CharPrevW
DrawTextW
UpdateWindow
CharNextW
DefWindowProcW
SetWindowTextW
IsWindow
GetDC
GetWindowRect
ReleaseDC
GetClientRect
DestroyIcon
LoadStringW
EnableWindow
SetWindowLongW
GetCursorPos
GetClassNameW
IsWindowVisible
GetCapture
PtInRect
FindWindowExW
RedrawWindow
MapWindowPoints
CopyRect
IsIconic
SetCursor
IsWindowEnabled
SendInput
ReleaseCapture
GetAsyncKeyState
SetCursorPos
SetRectEmpty
FindWindowW
SetCapture
SystemParametersInfoW
ScreenToClient
SetWindowPlacement
GetDesktopWindow
GetForegroundWindow
IsZoomed
SetForegroundWindow
UnregisterHotKey
SetRect
GetWindowDC
CopyIcon
SetClipboardViewer
GetClipboardViewer
ChangeClipboardChain
CloseClipboard
EnumClipboardFormats
CountClipboardFormats
OpenClipboard
RegisterClipboardFormatW
SetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseWindow
SetParent
EnableMenuItem
GetSystemMenu
LoadIconW
SystemParametersInfoA
AdjustWindowRect
ShowScrollBar
LockWindowUpdate
GetSysColor
FillRect
GetSysColorBrush
InflateRect
IsDlgButtonChecked
SetDlgItemTextW
CheckDlgButton
GetWindowTextW
DefDlgProcW
DrawIconEx
GetKeyboardType
GetKeyboardState
GetRawInputData
CallNextHookEx
ShowCursor
RegisterRawInputDevices
FlashWindow
SetWindowsHookExW
UnhookWindowsHookEx
DestroyCursor
UnionRect
wsprintfW
LoadCursorW
RegisterDeviceNotificationW
GetKeyState
GetMonitorInfoW

winspool.drv

GetPrinterA
SetPrinterW
SetJobW
SetJobA
GetJobA
GetPrinterDriverW
GetPrinterW
GetPrinterDataW
ClosePrinter
OpenPrinterW
DeviceCapabilitiesW
EnumPrintersW
GetJobW
StartDocPrinterW

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
RegQueryValueExA
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegDeleteValueA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegConnectRegistryW
GetSecurityDescriptorLength
GetFileSecurityW
RegCreateKeyW
RegOpenKeyW
RegFlushKey
RegOpenKeyA
GetUserNameA
RegCloseKey

shell32

SHGetFileInfoW
SHGetDesktopFolder
SHFileOperationW
DragQueryFileW

ole32

OleGetClipboard
OleRegEnumVerbs
CoGetMalloc
CoInitializeEx
OleSetClipboard
OleIsCurrentClipboard
OleInitialize
CoTaskMemFree
OleLoadFromStream
OleRegGetMiscStatus
CoTaskMemRealloc
CreateDataAdviseHolder
StringFromCLSID
CreateOleAdviseHolder
OleSaveToStream
WriteClassStm
CoInitialize
ReleaseStgMedium
CoUninitialize
CLSIDFromString
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoTaskMemAlloc

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

msvcrt

printf
strchr
memmove
memset
malloc
wcstok
exit
wcsncmp
strtoul
bsearch
realloc
strtok
wcsstr
iswalnum
strncmp
wcschr
fclose
ungetc
iswdigit
iswctype
ferror
wctomb
localeconv
isleadbyte
isdigit
calloc
towlower
toupper
free

secur32

QueryContextAttributesW
InitializeSecurityContextW
FreeContextBuffer
DeleteSecurityContext
GetUserNameExW

crypt32

CertDuplicateCertificateContext
CertOpenStore
CertAddCertificateContextToStore
CertCloseStore
CertGetCertificateContextProperty
CertFreeCertificateContext
CertFindExtension
CertFindCertificateInStore
CertCompareCertificate
CertGetEnhancedKeyUsage
CertGetCertificateChain
CertVerifySubjectCertificateContext
CertDuplicateCertificateChain
CertFreeCertificateChain
CertCreateCertificateContext
CertVerifyCertificateChainPolicy

shlwapi

PathFindExtensionW
StrCmpW
PathCompactPathW
PathRemoveFileSpecW
PathIsDirectoryW
SHCreateStreamOnFileW
StrStrW
StrDupW
PathAppendW
PathFindFileNameW
StrChrW
StrFormatByteSizeW
PathFindFileNameA
SHQueryValueExW

setupapi

SetupDiEnumDeviceInterfaces
SetupDiOpenDeviceInfoW
SetupDiDestroyDeviceInfoList
SetupDiOpenDevRegKey
SetupDiCreateDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW

winmm

waveOutUnprepareHeader
waveOutWrite
waveOutClose
waveOutGetPitch
waveOutGetVolume
waveOutPrepareHeader
waveOutSetVolume

wininet

DeleteUrlCacheEntryW
CreateUrlCacheEntryW
InternetGetCookieW

urlmon

CopyStgMedium

ws2_32

WSALookupServiceBeginW
WSANSPIoctl
WSALookupServiceEnd
WSALookupServiceNextW

iphlpapi

GetBestInterfaceEx

Exports

Exports

JavaLaterTheUsedMechanism
OfOverride
OrderThat
OverrideStandardsPackagesOf
PlatformTime
TheIncludedStandalone
TheThatTheOf

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f18608bc6d92307149c135b5814df215

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

shell32

ole32

version

msvcrt

secur32

crypt32

shlwapi

setupapi

winmm

wininet

urlmon

ws2_32

iphlpapi

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 4KB - Virtual size: 227KB

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 4KB - Virtual size: 227KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 1KB