7ef0e7cef231346bd6b670bc48600b595790945ca109e7e1e62dbebf745be882

Sharing

Copy URL Twitter E-mail

General

Target

7ef0e7cef231346bd6b670bc48600b595790945ca109e7e1e62dbebf745be882
Size

423KB
MD5

525726242a52d4bddec3a2f2700f518f
SHA1

9f881dff4e80d3c756ed01a1f75b88b4599745be
SHA256

7ef0e7cef231346bd6b670bc48600b595790945ca109e7e1e62dbebf745be882
SHA512

114a46d39e432cddbaafcca4b35aeeffc705a059f244f36f9fb7189e797d36d5cb3d1e71805532948ff2a9a478ef639427191d632504548a1d51fa40f65b76be
SSDEEP

12288:3MgcfwQ5xdiOT/fXW+Z/jwL0B2PWh56aqfm9:cgcfF5aOrW2/j1BvhyW

Score

N/A

Malware Config

Signatures

Files

7ef0e7cef231346bd6b670bc48600b595790945ca109e7e1e62dbebf745be882
.dll windows x86

9e7038620c2cd4e188f4e8daf51ab7af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW
InternetQueryDataAvailable
InternetQueryOptionW
InternetReadFile
InternetConnectW
InternetSetStatusCallbackW
HttpAddRequestHeadersA
InternetCloseHandle
HttpSendRequestW
HttpQueryInfoW
HttpOpenRequestW
InternetSetOptionW

kernel32

ExitThread
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExW
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
ExitProcess
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenEventA
OpenMutexW
OpenProcess
OutputDebugStringW
Process32FirstW
Process32NextW
EnumSystemLocalesA
RaiseException
ReadFile
ReleaseMutex
ResetEvent
RtlUnwind
SearchPathW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
EnterCriticalSection
DisconnectNamedPipe
DeleteFileW
DeleteCriticalSection
CreateToolhelp32Snapshot
CreateThread
CreateProcessW
CreateMutexW
CreateFileA
CreateEventW
CreateEventA
CopyFileW
CompareStringW
CompareStringA
CloseHandle
CancelIo
AllocConsole
GetTimeFormatA
QueryPerformanceCounter

shlwapi

PathCompactPathExW

shell32

SHCreateDirectoryExW
CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

rpcrt4

UuidToStringW
UuidFromStringW
UuidCreate
RpcStringFreeW

advapi32

AdjustTokenPrivileges
RegDeleteKeyW
RegCreateKeyExW
StartServiceW
SetTokenInformation
SetSecurityDescriptorSacl
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
ControlService
CreateProcessAsUserW
DuplicateTokenEx
FreeSid
GetUserNameW
InitializeSecurityDescriptor
LookupPrivilegeValueW
OpenProcessToken
OpenSCManagerW
OpenServiceW
QueryServiceStatusEx
RegCloseKey
RegDeleteValueW

user32

EndDialog
wsprintfW
ShowWindow
SetWindowTextW
SetWindowPos
SetTimer
SetForegroundWindow
SetDlgItemTextW
SetActiveWindow
SendMessageW
PostMessageW
OffsetRect
MessageBoxW
BringWindowToTop
CopyRect
CreateDialogParamW
CreateWindowExW
LoadStringW
DialogBoxParamW
EnableWindow
DestroyWindow
ExitWindowsEx
GetClientRect
GetDesktopWindow
GetDlgItem
GetDlgItemTextW
GetParent
GetSystemMetrics
GetWindowRect
IsWindow
KillTimer
LoadImageW

gdi32

SetBkColor
CreateSolidBrush

ole32

CoUninitialize
CoInitializeEx

Exports

Exports

AsWriteBuffer
DelItemString
Format
FromString
GetBuiltins
SetAttr
SetFromWindowsErr
set_rows

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e7038620c2cd4e188f4e8daf51ab7af

Headers

File Characteristics

Imports

wininet

kernel32

shlwapi

shell32

version

rpcrt4

advapi32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 70KB

.rdata Size: 256KB - Virtual size: 256KB

.data Size: 70KB - Virtual size: 71KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 70KB - Virtual size: 70KB

.rdata
Size: 256KB - Virtual size: 256KB

.data
Size: 70KB - Virtual size: 71KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 4KB - Virtual size: 3KB