fa0475213aeb3c23f7fe3f2050af1f1a650f1efd3387f30af48152a1caf3e66a

Sharing

Copy URL Twitter E-mail

General

Target

fa0475213aeb3c23f7fe3f2050af1f1a650f1efd3387f30af48152a1caf3e66a
Size

244KB
MD5

64dedcae5e2664c2a751865334a965f0
SHA1

4c04694f773f1d887b1ef81ae6302bde2083dc9d
SHA256

fa0475213aeb3c23f7fe3f2050af1f1a650f1efd3387f30af48152a1caf3e66a
SHA512

e55122272b471871f8e666e6ed0ba52b462e3bf3a09dad9d2b58f28ed41e5e9ddfde05a68662db2738f52b5acaf930cf539f5830631f6b40518fb639163b4b64
SSDEEP

6144:MxcyO9fVkmuQLePjWdvqSX6HSG2A/Tz5w+:MxcP9WmugePEr6yG2q2+

Score

N/A

Malware Config

Signatures

Files

fa0475213aeb3c23f7fe3f2050af1f1a650f1efd3387f30af48152a1caf3e66a
.dll windows x86

ad2f31bdfde5bd35e9b8e0f75eb90a15

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MakeSureDirectoryPathExists

wininet

InternetReadFile
FtpCommandA
InternetSetOptionA
InternetOpenA
InternetCloseHandle
InternetConnectA
HttpQueryInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
HttpSendRequestA
HttpOpenRequestA
InternetReadFileExA
InternetQueryDataAvailable
FtpOpenFileA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA

kernel32

ResumeThread
WaitForSingleObject
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
FindResourceA
GlobalFree
SetLastError
FileTimeToSystemTime
FileTimeToLocalFileTime
FreeLibrary
InterlockedExchange
LoadLibraryA
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedDecrement
GetCurrentThreadId
lstrcatA
lstrcpyA
GetProcAddress
SetErrorMode
RaiseException
InterlockedIncrement
ReadFile
FlushFileBuffers
LockFile
UnlockFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileTime
lstrcmpA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalFlags
GetCPInfo
GetOEMCP
RtlUnwind
ExitProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
ExitThread
CreateThread
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
TerminateProcess
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
CreateFileA
SetFilePointer
GetFileSize
SetEndOfFile
WriteFile
CloseHandle
GetTickCount
GetModuleHandleA
GetLastError
FindFirstFileA
FindClose
MoveFileExA
_lopen
_lread
_lcreat
_llseek
_lwrite
_lclose
lstrcpynA
LocalAlloc

user32

GetTopWindow
GetDlgItem
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
GetCapture
WinHelpA
RegisterWindowMessageA
SetWindowTextA
ClientToScreen
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
DestroyMenu
PostQuitMessage
GetSystemMetrics
GetDC
GetMessageTime
GetSysColor
GetSysColorBrush
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
SendMessageA
GetKeyState
PeekMessageA
ValidateRect
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
ReleaseDC
CharUpperA
CreateWindowExA
GetClassInfoA
RegisterClassA
DefWindowProcA
PostMessageA
DestroyWindow
GetMenuCheckMarkDimensions
LoadBitmapA
GetWindowTextA
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
LoadCursorA

comctl32

ord17

shlwapi

PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA

oleacc

CreateStdAccessibleObject
LresultFromObject

gdi32

CreateBitmap
GetClipBox
SetTextColor
SetBkColor
DeleteObject
SaveDC
RestoreDC
SetMapMode
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comdlg32

GetFileTitleA

oleaut32

VariantChangeType
VariantClear
VariantInit

Exports

Exports

CreateSDownLoad

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ad2f31bdfde5bd35e9b8e0f75eb90a15

Headers

File Characteristics

Imports

dbghelp

wininet

kernel32

user32

comctl32

shlwapi

oleacc

gdi32

winspool.drv

comdlg32

oleaut32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 8KB - Virtual size: 20KB

.reloc Size: 20KB - Virtual size: 18KB

.text Size: 64KB - Virtual size: 64KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 8KB - Virtual size: 20KB

.reloc
Size: 20KB - Virtual size: 18KB

.text
Size: 64KB - Virtual size: 64KB