de0316b999ffa3d6a9a18dda041086dffdf73c05512aae63e54a3a6eefb6ff77

Sharing

Copy URL Twitter E-mail

General

Target

de0316b999ffa3d6a9a18dda041086dffdf73c05512aae63e54a3a6eefb6ff77
Size

84KB
MD5

7a95c7fea016b6b706a7ea9d6d02cccb
SHA1

22730585cab12c71f4ce3c2b3941d5694fbad5db
SHA256

de0316b999ffa3d6a9a18dda041086dffdf73c05512aae63e54a3a6eefb6ff77
SHA512

884b8e608309d00026c0978d2ebdf3f2f378d53329b6faa5142c82349595a51dcc4e47a9b86a38876a5b320b8ad39d2a99b728a525d29c1c316bb5646ac6c154
SSDEEP

768:zpqsCpxdKr/m0I9JlFG3HJPZsxssCsF8x1ihQcN06WE+t0BAhi5IUau1SV0T9sz4:FJmyrxI91iHXYV819ASk5O22nD4aM

Score

N/A

Malware Config

Signatures

Files

de0316b999ffa3d6a9a18dda041086dffdf73c05512aae63e54a3a6eefb6ff77
.dll windows x86

6c121681923705a84c304126b0a75e0b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileApisToOEM
HeapUnlock
FindFirstVolumeMountPointW
GetLargestConsoleWindowSize
GlobalAddAtomW
SetCommState
CreateActCtxW
CreateToolhelp32Snapshot
SetConsoleScreenBufferSize
DeleteFileW
SetConsoleCtrlHandler
SetErrorMode
SetCommTimeouts
ResumeThread
FileTimeToDosDateTime
InterlockedExchangeAdd
SystemTimeToFileTime
IsDBCSLeadByte
GetNumberFormatW
SetConsoleMode
GetLongPathNameW
GetProfileSectionA
LockResource
GetSystemPowerStatus
SetVolumeLabelW
FileTimeToLocalFileTime
GetCurrentProcessId
GetProcessVersion
Beep
GetProcAddress
VerifyVersionInfoA
GetCurrentDirectoryW
GetModuleHandleExW
GetExitCodeThread
GetProfileStringA
GetStringTypeExW
FindVolumeMountPointClose
LocalAlloc
PeekNamedPipe
GetVolumePathNameW
lstrcpynW
UnregisterWait
GetCalendarInfoW
LoadResource
SetFileAttributesA
GetLogicalDrives
HeapReAlloc
GetFullPathNameW
GetDiskFreeSpaceExW
AddAtomW
GetFileAttributesW
SetEndOfFile
WaitNamedPipeA
GetLocalTime
OpenSemaphoreA
SetStdHandle
EnumResourceNamesW
VirtualQueryEx
GetExitCodeProcess
lstrcpyW
SetProcessShutdownParameters
CreateDirectoryA
VirtualProtect
GetSystemInfo
lstrlenA
CreateFileMappingA
GetModuleHandleA
GetSystemDirectoryA
CopyFileA
OpenEventA
SetLastError
GetSystemTimeAsFileTime
HeapFree
LoadLibraryA
UnmapViewOfFile
EnterCriticalSection
HeapAlloc
FindFirstFileA

ole32

CreatePointerMoniker
StgOpenStorageOnILockBytes
StgOpenStorageEx
SetConvertStg
CoTaskMemRealloc
CreateGenericComposite
CoAddRefServerProcess
OleQueryCreateFromData
OleSave
CoMarshalInterface
GetRunningObjectTable
CreateAntiMoniker
CoWaitForMultipleHandles
CreateBindCtx
CoSwitchCallContext
StgCreateDocfileOnILockBytes
CoUninitialize
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
StringFromGUID2

oleaut32

SysFreeString
SysStringLen

shlwapi

PathCombineW
PathRemoveBackslashW
PathAppendA
PathRemoveBlanksW
SHCreateShellPalette
PathMatchSpecW
StrRetToStrW
PathBuildRootW
StrCmpIW
PathStripToRootW
PathFileExistsW
StrCmpNIW
SHSetValueA
PathIsRelativeW
StrDupA
SHCreateStreamOnFileW
StrStrIW
StrChrA
StrCmpNIA

advapi32

GetNumberOfEventLogRecords
StartServiceCtrlDispatcherA
RegUnLoadKeyA
RegisterServiceCtrlHandlerExA
CredFree
CredIsMarshaledCredentialW
RegEnumValueA
RegEnumKeyExA
NotifyChangeEventLog
RegEnumValueW
RegEnumKeyExW
ControlService
CredUnmarshalCredentialW
GetSecurityDescriptorSacl
RegRestoreKeyW
SaferGetPolicyInformation
LogonUserA
ChangeServiceConfigA
RegisterServiceCtrlHandlerA
ChangeServiceConfig2W
RegCreateKeyW
RegQueryValueExA
RegOpenKeyExA
LookupAccountNameA
GetUserNameA
SetSecurityInfo

shell32

SHGetFileInfoW
SHGetFolderLocation
SHCreateDirectoryExW
SHGetFolderPathA
SHCreateShellItem
CommandLineToArgvW
SHBindToParent
SHGetPathFromIDListW

gdi32

RealizePalette
GetWinMetaFileBits
GetSystemPaletteUse
GetCharABCWidthsW
GetWindowExtEx
GetTextMetricsW
SetArcDirection
GetNearestColor
CreateBrushIndirect
EnumEnhMetaFile
SetAbortProc
SetTextColor
SetMagicColors
GetPixel
GetTextExtentExPointW
SetWindowExtEx
SetWorldTransform
SetROP2
AddFontResourceA
GetObjectType
CreateEnhMetaFileW
CopyMetaFileA
ExtFloodFill
Ellipse
GetLayout
GetStockObject
Polygon
FlattenPath
GetOutlineTextMetricsA
GetTextAlign
GetMapMode
StrokeAndFillPath
Pie
FillRgn
SelectObject
DeleteObject
GetTextExtentPointA
ScaleWindowExtEx
AbortDoc
CreateMetaFileW
FillPath
GetKerningPairsA
SetMapperFlags
SwapBuffers
CreateEnhMetaFileA

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c121681923705a84c304126b0a75e0b

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 2KB