dceca015063885979183b7b4332293d5a8aa4037e4be9d0cbfa4319c078c2de8

Sharing

Copy URL Twitter E-mail

General

Target

dceca015063885979183b7b4332293d5a8aa4037e4be9d0cbfa4319c078c2de8
Size

73KB
MD5

2aa36bf97316dad72554c33495f1a921
SHA1

3535f7ceeee472b9edef7e0b7da77fcc5e384d0f
SHA256

dceca015063885979183b7b4332293d5a8aa4037e4be9d0cbfa4319c078c2de8
SHA512

14e35cdb10294ad31f942ba203ec2872daa7dd81c15417b6b09bcada1e1e6ccbf326eb5b49673d2e2437ae1df8a249c9d29e72549af59c90a37364f3f3d5ab14
SSDEEP

1536:bcq8GtWo2BnU0eQmgHQT5tWGMX829CaIOcVnToIf97FpJp:bBXye7gHQTKbc9TBf97FpJ

Score

N/A

Malware Config

Signatures

Files

dceca015063885979183b7b4332293d5a8aa4037e4be9d0cbfa4319c078c2de8
.dll windows x86

ab04d119179719aa09f7738b3ee2e166

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GlobalUnlock
lstrcpyA
GlobalSize
GlobalLock
GetPrivateProfileIntA
WriteProcessMemory
ReadProcessMemory
GetTickCount
VirtualQueryEx
GetProcAddress
LoadLibraryA
DeleteFileA
GetFileSize
ReadFile
WriteFile
OutputDebugStringA
GetLocalTime
GlobalAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
InitializeCriticalSection
GetQueuedCompletionStatus
DeleteCriticalSection
CreateIoCompletionPort
CancelIo
PostQueuedCompletionStatus
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
GetCurrentProcess
GetSystemInfo
CreateMutexA
GetLastError
GetCommandLineA
CreateEventA
ResetEvent
GetCurrentThreadId
SetEvent
CloseHandle
GetModuleFileNameA
Sleep
WritePrivateProfileStringA
WaitForSingleObject
CreateDirectoryA
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
FreeResource

user32

PeekMessageA
wsprintfA
SendMessageA
IsWindowVisible
IsWindow
FindWindowA
FindWindowExA
UnhookWindowsHookEx
SetWindowsHookExA
DispatchMessageA
TranslateMessage
CloseClipboard
SetFocus
DefWindowProcA
PostQuitMessage
ClientToScreen
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
CallNextHookEx
PostMessageA
GetDC
ReleaseDC

gdi32

GetPixel
DeleteDC
TextOutA
SetTextColor
SetBkColor
SelectObject
CreateFontA
CreateCompatibleBitmap
DeleteObject
CreateCompatibleDC

advapi32

RegSetValueExA
GetUserNameA
RegCreateKeyA
RegCloseKey

shell32

SHGetFolderPathA

ole32

CreateStreamOnHGlobal

gdiplus

GdipSaveImageToStream
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdipDisposeImage
GdipCreateBitmapFromGdiDib
GdipGetImageEncodersSize
GdipGetImageEncoders

msvcr71

_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit
vsprintf
_initterm
_except_handler3
__security_error_handler
strrchr
sprintf
wcscmp
memcmp
atoi
memset
malloc
free
strcpy
strcat
strlen
_mbsrchr
_mbsicmp
??3@YAXPAX@Z
??2@YAPAXI@Z
_beginthreadex
__CxxFrameHandler
memcpy

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

dnsapi

DnsRecordListFree
DnsQuery_A

ws2_32

shutdown
WSARecv
setsockopt
closesocket
WSAConnect
htons
WSASocketA
WSACleanup
WSASend
WSAStartup
inet_addr
WSAGetLastError
WSAIoctl

Exports

Exports

RunForRundll32

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab04d119179719aa09f7738b3ee2e166

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

gdiplus

msvcr71

version

dnsapi

ws2_32

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 408B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 408B

.reloc
Size: 2KB - Virtual size: 2KB