b82dc9ff91a6c2927847d9291b0f941de24c5a741a88cfb10ef5997ff3f619c4

Sharing

Copy URL Twitter E-mail

General

Target

b82dc9ff91a6c2927847d9291b0f941de24c5a741a88cfb10ef5997ff3f619c4
Size

228KB
MD5

76b9f41e21b3bd6eaeae7f50f138600a
SHA1

dcb6d9327a55de25aa07614c5fc49022eb1fef46
SHA256

b82dc9ff91a6c2927847d9291b0f941de24c5a741a88cfb10ef5997ff3f619c4
SHA512

fdacf7b182dd610b1f95c7e9c8d230869a2ac9faf9bcce051b650027f64a757604a0a9a2de765a1f2ade71d7ed90488fa34f620fde29d5cecf11b9f4d692dc4b
SSDEEP

3072:6ob+5FK3xeXlfsnsluDMcsYoDE4sBG/ysEY5Yid04kbb+p7s+Ct7WbyERMGG440:Fb+LK3MXl3ludoWRzAYizy+G+XUf4j

Score

N/A

Malware Config

Signatures

Files

b82dc9ff91a6c2927847d9291b0f941de24c5a741a88cfb10ef5997ff3f619c4
.dll windows x86

f0d78442df90de5066dedf8fdf4c51a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalLock
GlobalReAlloc
GlobalAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
lstrcatA
lstrcpynA
GetVersion
SetLastError
GetLastError
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
lstrcmpA
GlobalFlags
GetCPInfo
GetOEMCP
GlobalFree
GetCurrentProcess
WriteFile
SetFilePointer
FlushFileBuffers
RtlUnwind
RaiseException
GetCommandLineA
HeapAlloc
HeapFree
HeapSize
HeapReAlloc
ExitProcess
TerminateProcess
GetACP
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetCurrentThreadId
LocalFree
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
lstrcmpiA
lstrcpyA
MultiByteToWideChar
lstrlenA
CreateProcessA
WaitForSingleObject
CloseHandle
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary

user32

GetDlgCtrlID
GetWindowTextA
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
EnableWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
IsWindowEnabled
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
DispatchMessageA
SendMessageA
CallNextHookEx
PeekMessageA
SetWindowsHookExA
MessageBoxA
GetKeyState

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegDeleteValueA

ole32

CoUninitialize
CoInitialize

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestExA
HttpEndRequestA
InternetReadFile
InternetCloseHandle

comctl32

ord17

gdi32

SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
GetClipBox
SetTextColor
SetBkColor
GetObjectA
GetDeviceCaps
DeleteObject
DeleteDC
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SelectObject
CreateBitmap
SaveDC
RestoreDC

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

Exports

Exports

AuthUser

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0d78442df90de5066dedf8fdf4c51a0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

wininet

comctl32

gdi32

winspool.drv

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 18KB

.rsrc Size: 100KB - Virtual size: 98KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 18KB

.rsrc
Size: 100KB - Virtual size: 98KB

.reloc
Size: 12KB - Virtual size: 11KB