7ee66a95b917f63d7671208b112e87eb187e363f94d76177f0729fc4289f6f68

Sharing

Copy URL Twitter E-mail

General

Target

7ee66a95b917f63d7671208b112e87eb187e363f94d76177f0729fc4289f6f68
Size

448KB
MD5

6456c06719fc399fb0530b0b843170f0
SHA1

c43a62d65d564ac4f45f1559fb8ba0afa6923cbf
SHA256

7ee66a95b917f63d7671208b112e87eb187e363f94d76177f0729fc4289f6f68
SHA512

1af6931cbe86064ca73b4f9538a875efb31bcb634b1b74e2527e73efeefe1a8ad3954baea32789bfedf21bed4609f00e4f8c7f99795d78a3f720eb8ef25f04ca
SSDEEP

6144:v68AefiuRJAhTF0AhSo+pnl3ByGAfgCs7:+QxRypcpnlif

Score

N/A

Malware Config

Signatures

Files

7ee66a95b917f63d7671208b112e87eb187e363f94d76177f0729fc4289f6f68
.dll windows x86

1260f10b6ced27dfa04acfd93aa15389

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalHandle
GlobalFree
GetTempFileNameA
SetLastError
GetFullPathNameA
GetCurrentDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetTempPathA
EnumSystemLocalesA
GetLocaleInfoA
MapViewOfFile
CreateFileMappingA
GetTickCount
LocalReAlloc
SearchPathA
GetSystemDirectoryA
GetVersionExA
RtlUnwind
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
SetCurrentDirectoryA
SetEnvironmentVariableA
GetCommandLineA
GetModuleHandleA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetFileAttributesA
HeapFree
SetUnhandledExceptionFilter
MultiByteToWideChar
WideCharToMultiByte
lstrcmpiA
FreeLibrary
HeapSize
HeapAlloc
HeapCreate
HeapDestroy
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetStringTypeA
_lread
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
SetFilePointer
LocalFree
LocalAlloc
IsDBCSLeadByte
GetUserDefaultLCID
_lopen
GetFileSize
_lwrite
_lcreat
GetLastError
_lclose
_llseek
GetWindowsDirectoryA
DeleteFileA
LCMapStringA
VirtualAlloc
VirtualFree
CloseHandle
ExitThread
WaitForSingleObject
Sleep
CreateSemaphoreA
CreateThread
ReleaseSemaphore
lstrlenA
MulDiv
LoadLibraryA
GetProcAddress
FormatMessageA
GetVolumeInformationA
OpenFile
FatalAppExitA
GetVersion
CompareStringA
LCMapStringW
HeapReAlloc
LeaveCriticalSection
GetStringTypeW

user32

GetClassNameA
GetDC
ReleaseDC
FrameRect
GetSystemMetrics
DestroyWindow
CreateWindowExA
SetRect
CallWindowProcA
GetParent
FindWindowA
IsWindowVisible
InvalidateRect
IsWindow
SetCursor
LoadStringA
MessageBoxA
CharLowerA
CharNextA
ScreenToClient
CharPrevA
SetWindowPos
ShowWindow
SendDlgItemMessageA
wsprintfA
SetFocus
GetDlgItem
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
GetWindowLongA
PostMessageA
EndDialog
SetWindowLongA
WinHelpA
GetDesktopWindow
GetWindowRect
SystemParametersInfoA
MoveWindow
DialogBoxParamA
SendMessageA
EnumChildWindows
BeginPaint
GetSysColor
GetClientRect
FillRect
EndPaint
CharUpperA
CreateDialogParamA
DefWindowProcA
LoadCursorA
RegisterClassA

gdi32

DeleteObject
GetObjectA
CreateFontIndirectA
GetDeviceCaps
SetMapMode
SelectObject
CreateCompatibleDC
CreateDCA
CreateICA
DeleteDC
SelectPalette
RealizePalette
CreatePen
BitBlt
CreateCompatibleBitmap
CreatePalette
GetDIBits
GetTextExtentPointA
StretchDIBits
CreateDIBSection
GetPaletteEntries
CreateHalftonePalette
GetTextFaceA
GetTextMetricsA
CreateSolidBrush

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteA

comctl32

CreatePropertySheetPageA
PropertySheetA

Exports

Exports

BrowseButtonsState
CheckMacroSyntax
ConvertMacroError
ExpandMacro
FreeFilterDIB
GetLastMacroError
GetMacroExpansion
HashFromSz
HwDllMsg
InitializeMacroChecking
IsValidContextSz
LoadFilterImage

Sections

.text
Size: 400KB - Virtual size: 402KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1260f10b6ced27dfa04acfd93aa15389

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 400KB - Virtual size: 402KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 17KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 400KB - Virtual size: 402KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 17KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 9KB - Virtual size: 9KB