c2514b94e501e34aee9a540ff44966093fee4bd55117da9f422e48c549458dcc

Sharing

Copy URL Twitter E-mail

General

Target

c2514b94e501e34aee9a540ff44966093fee4bd55117da9f422e48c549458dcc
Size

1.4MB
MD5

3bf76f0f6b3fbcdeeb0801aaca8ea560
SHA1

8826776b7d1bfe680221c00e5c2756bf6ade3b5f
SHA256

c2514b94e501e34aee9a540ff44966093fee4bd55117da9f422e48c549458dcc
SHA512

e1000218883b6cccb57d2a1d53d67125eaaf0a549f796141fa0397c5f7762c99402ab84013f2bf0abfdaa643b9f4f281614355289d89d79a19b83ba5121192a0
SSDEEP

24576:07gQGohMGT8Qnjz5wbcemEN8rN7ArS28b8u7O+m:85+QjucelkhQS28AGO+m

Score

N/A

Malware Config

Signatures

Files

c2514b94e501e34aee9a540ff44966093fee4bd55117da9f422e48c549458dcc
.dll windows x86

c516bc9318198ecad528afb98bee1801

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

commdll

ClxSendData
ClxSendFile
ClxSetCommOptions
ClxIsConnect
ClxConnect
ClxStartSSL
ClxCommInit
ClxDisconnect
ClxGetCurSetting

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

SetHandleCount
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
IsBadWritePtr
SetUnhandledExceptionFilter
HeapDestroy
SetStdHandle
IsBadCodePtr
CompareStringA
CompareStringW
HeapCreate
VirtualAlloc
VirtualFree
FreeEnvironmentStringsW
GetEnvironmentVariableA
TerminateProcess
GetCurrentDirectoryA
GetACP
GetDriveTypeA
SetCurrentDirectoryA
SetEnvironmentVariableA
CreateDirectoryA
GetCommandLineA
ExitThread
CreateThread
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetEnvironmentStringsW
GetEnvironmentStrings
RaiseException
WaitForSingleObject
ResumeThread
GlobalLock
GlobalUnlock
MulDiv
CreateEventA
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
WriteFile
SizeofResource
CreateFileA
DeviceIoControl
CloseHandle
lstrcatA
WinExec
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
GlobalAlloc
GlobalReAlloc
GlobalFree
Sleep
lstrcpyA
GetModuleHandleA
GetProcAddress
GetTickCount
MoveFileA
GetLocaleInfoA
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
RtlUnwind
FindResourceExA
GetFileSize
SystemTimeToFileTime
LocalFileTimeToFileTime
GlobalFlags
GetOEMCP
GetProcessVersion
LocalReAlloc
SetErrorMode
TlsGetValue
LeaveCriticalSection
TlsSetValue
EnterCriticalSection
DeleteCriticalSection
TlsFree
GlobalHandle
LocalAlloc
TlsAlloc
InitializeCriticalSection
GetFileTime
GetCurrentThread
GetDiskFreeSpaceA
GetFileAttributesA
SetFileTime
GetTempFileNameA
GetShortPathNameA
VirtualProtect
GetPrivateProfileIntA
GetFullPathNameA
GetThreadLocale
GetStringTypeExA
UnlockFile
GetVolumeInformationA
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
DuplicateHandle
ReadFile
GetCurrentProcess
lstrcmpA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalAddAtomA
GlobalGetAtomNameA
lstrcpynA
GlobalFindAtomA
GlobalDeleteAtom
SetLastError
FormatMessageA
LocalFree
InterlockedIncrement
MultiByteToWideChar
InterlockedDecrement
HeapSize
WideCharToMultiByte
HeapReAlloc
HeapAlloc
HeapFree
GetLastError
ReleaseMutex
CreateMutexA
FindClose
FindFirstFileA
FindNextFileA
DeleteFileA
InterlockedExchange
WritePrivateProfileStringA
GetPrivateProfileStringA
GetThreadContext
SetThreadContext
SuspendThread
IsBadReadPtr
GetCurrentProcessId
SetEvent
ResetEvent
GetFileType

user32

RegisterClipboardFormatA
GetNextDlgGroupItem
PostThreadMessageA
ShowOwnedPopups
PostQuitMessage
MapDialogRect
GetAsyncKeyState
CharNextA
UnpackDDElParam
ReuseDDElParam
SetMenu
TranslateAcceleratorA
LoadAcceleratorsA
SetCursorPos
FindWindowA
CharUpperA
wvsprintfA
IsZoomed
EndDialog
CreateDialogIndirectParamA
LoadStringA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
TranslateMessage
ValidateRect
SendDlgItemMessageA
SetActiveWindow
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetDlgCtrlID
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
UnhookWindowsHookEx
RemovePropA
DefWindowProcA
GetMessageTime
SetParent
GetWindowPlacement
IntersectRect
EndPaint
BeginPaint
DestroyMenu
EnableScrollBar
GetWindowTextA
SetWindowTextA
SetMenuDefaultItem
BringWindowToTop
GetWindow
MapWindowPoints
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
PeekMessageA
SetFocus
RegisterWindowMessageA
RedrawWindow
UnregisterClassA
RegisterHotKey
GetKeyNameTextA
GetKeyState
SetPropA
GetPropA
IsRectEmpty
GetCursorPos
SetRectEmpty
MessageBeep
CopyIcon
GetTabbedTextExtentA
UpdateWindow
GetMessageA
GetCapture
DispatchMessageA
GetCursor
IsChild
SetTimer
GetMessagePos
KillTimer
LoadCursorA
LoadMenuA
LoadIconA
IsWindowVisible
GetClassNameA
IsWindow
ShowScrollBar
SetForegroundWindow
GetFocus
DrawFrameControl
PtInRect
ReleaseCapture
SetCapture
GetMenu
GetMenuItemRect
ScreenToClient
CallWindowProcA
GetWindowDC
SetWindowLongA
CreateWindowExA
SetWindowPos
DrawStateA
GetClientRect
FrameRect
InflateRect
OffsetRect
DrawFocusRect
SetWindowContextHelpId
CopyAcceleratorTableA
LockWindowUpdate
GetDCEx
IsIconic
GetLastActivePopup
UnregisterHotKey
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
DestroyCursor
EnableWindow
GetSubMenu
DeleteMenu
RemoveMenu
GrayStringA
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
TrackPopupMenu
GetCaretPos
MessageBoxA

gdi32

BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
StartDocA
DeleteDC
RectVisible
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
SetViewportExtEx
OffsetViewportOrgEx
SetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetClipBox
SetWindowExtEx
ExcludeClipRect
IntersectClipRect
SelectClipRgn
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
CreateRectRgn
GetBkMode
CreatePen
GetWindowExtEx
GetViewportExtEx
GetMapMode
CreatePatternBrush
StretchDIBits
SetRectRgn
CreateFontA
LPtoDP
GetCharWidthA
GetBkColor
GetViewportOrgEx
GetTextColor
EndDoc
EndPage
AbortDoc
SetAbortProc
EnumFontFamiliesExA
StartPage
GetNearestColor
GetStretchBltMode
GetTextAlign
GetROP2
GetPolyFillMode
GetWindowOrgEx
GetTextFaceA
CombineRgn
CreateDCA
GetTextMetricsA
PtInRegion
DPtoLP
CreateEllipticRgn
CreateRectRgnIndirect
CreateBitmap
SetBkColor
FillRgn
GetStockObject
Rectangle
Escape
PatBlt
ExtTextOutA
TextOutA
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
SetTextColor
Ellipse
GetTextExtentPoint32A
PtVisible
GetDeviceCaps
CreateSolidBrush
GetTextExtentPoint32W
SaveDC
CreateFontIndirectA

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
PrintDlgA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueA
GetFileSecurityA
RegCreateKeyExA
RegCreateKeyA
SetFileSecurityA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegQueryValueA

shell32

ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA
Shell_NotifyIconA
ShellExecuteA
ShellExecuteExA

comctl32

PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_LoadImageA
ImageList_GetIconSize
ImageList_Destroy
ImageList_Draw
ImageList_GetImageCount
ImageList_GetIcon
ImageList_Create
_TrackMouseEvent
ord17
ImageList_GetImageInfo
ImageList_DrawEx

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoGetClassObject
CoTaskMemFree
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CreateStreamOnHGlobal
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromProgID
OleIsCurrentClipboard
CLSIDFromString

olepro32

ord251
ord253

oleaut32

SysAllocStringLen
VariantTimeToSystemTime
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
VariantClear
SysFreeString

Exports

Exports

CreateXiaDanWnd
FilterXiaDanDllMsg
GetXiaDanDllVersion
GetXiaDanWndNumber
ProcessXiaDanDllIdle

Sections

.text
Size: 844KB - Virtual size: 840KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c516bc9318198ecad528afb98bee1801

Headers

File Characteristics

Imports

commdll

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Exports

Exports

Sections

.text Size: 844KB - Virtual size: 840KB

.rdata Size: 152KB - Virtual size: 149KB

.data Size: 60KB - Virtual size: 250KB

.rsrc Size: 184KB - Virtual size: 184KB

.reloc Size: 84KB - Virtual size: 83KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 844KB - Virtual size: 840KB

.rdata
Size: 152KB - Virtual size: 149KB

.data
Size: 60KB - Virtual size: 250KB

.rsrc
Size: 184KB - Virtual size: 184KB

.reloc
Size: 84KB - Virtual size: 83KB

.rmnet
Size: 60KB - Virtual size: 60KB