d70fde494015188b35898bbbbfa6d53490b60bfe394c03dd49d984870334ddb0

Sharing

Copy URL Twitter E-mail

General

Target

d70fde494015188b35898bbbbfa6d53490b60bfe394c03dd49d984870334ddb0
Size

300KB
MD5

1bdf832f4972d4ba959ed685178a09b0
SHA1

8795e87849cb52fb17081261a8be61b28b7cc93e
SHA256

d70fde494015188b35898bbbbfa6d53490b60bfe394c03dd49d984870334ddb0
SHA512

4f4434870dde5d73e779902c7fd3d43f3906e99500e5fe75b1d3d9d8b68d8206841790ab711af9c97c2beda0bd16e01c503274dafa4510604c0bde0f50951002
SSDEEP

6144:S1a3bbAagAjD5OoCNwQnFOcVAXcdO0Alm:4a3yAjywQnFOgN

Score

N/A

Malware Config

Signatures

Files

d70fde494015188b35898bbbbfa6d53490b60bfe394c03dd49d984870334ddb0
.dll windows x86

ea2eecfe153928211f42d5acfe943cc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushInstructionCache
MulDiv
lstrcmpiA
lstrlenA
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
SetLastError
InterlockedExchange
LocalFree
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetCurrentProcess
GetConsoleMode
GetConsoleCP
SetFilePointer
GetOEMCP
GetCPInfo
GetSystemTimeAsFileTime
FindResourceA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetStdHandle
WriteFile
ExitProcess
HeapSize
Sleep
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapCreate
HeapDestroy
RtlUnwind
GetCommandLineA
lstrcmpA
lstrlenW
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
MultiByteToWideChar
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
LoadResource
GetCurrentThreadId
GlobalFree
GlobalHandle
RaiseException
FreeLibrary
InitializeCriticalSection
GetLastError
GetModuleHandleA
LoadLibraryExA
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
SizeofResource
IsDBCSLeadByte
GetCurrentProcessId

user32

CharNextA
UnregisterClassA
GetClientRect
GetDC
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
RegisterWindowMessageA
IsWindow
FrameRect
DestroyWindow
SendMessageA
GetDlgItem
SetWindowLongA
GetClassNameA
DestroyAcceleratorTable
DefWindowProcA
GetSysColor
BeginPaint
FillRect
MessageBoxA
ReleaseDC
IsChild
GetFocus
SetFocus
GetWindowLongA
RedrawWindow
GetParent
EndPaint
CreateAcceleratorTableA
ClientToScreen
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
InvalidateRect
InvalidateRgn
GetDesktopWindow
CreateWindowExA
MapDialogRect
GetWindow
SetWindowPos
SetWindowContextHelpId
CreateDialogIndirectParamA
CallWindowProcA
LoadCursorA
GetClassInfoExA
RegisterClassExA
ShowWindow

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
SelectObject
DeleteDC
GetDeviceCaps
SetTextColor
SetBkMode
DeleteObject
CreateSolidBrush
GetObjectA
GetStockObject

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA

ole32

CoGetClassObject
CoTaskMemFree
CoTaskMemRealloc
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
StringFromGUID2
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoCreateInstance

oleaut32

SysStringLen
VariantClear
SysAllocString
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
SysFreeString
OleCreateFontIndirect
DispCallFunc
VariantInit
SysAllocStringLen
VarUI4FromStr

comctl32

ImageList_LoadImageA
InitCommonControlsEx

Exports

Exports

InitModuleInterface
ShowDlg

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ea2eecfe153928211f42d5acfe943cc3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 60KB - Virtual size: 57KB

.reloc Size: 16KB - Virtual size: 12KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 60KB - Virtual size: 57KB

.reloc
Size: 16KB - Virtual size: 12KB

.rmnet
Size: 60KB - Virtual size: 60KB