81be1da6693e11ac6944b8283508226195d3571c53615e0bd48a3e54d4fa6513

Sharing

Copy URL Twitter E-mail

General

Target

81be1da6693e11ac6944b8283508226195d3571c53615e0bd48a3e54d4fa6513
Size

164KB
MD5

a0fb40cf2338819bbcd01a856e8fecf0
SHA1

d91874f2451c2d9c071b6416f6c245aed3974acc
SHA256

81be1da6693e11ac6944b8283508226195d3571c53615e0bd48a3e54d4fa6513
SHA512

9eb8329eefc116f20f277b21a7de5eafd0ff245ee852559de2f8101aa508f9f7260ad992cfedf330da46026035cb249264c9f3c460761506a6bb65419e9e349b
SSDEEP

3072:jbXif6frWQC9YRZz2ArWqGwooR8yiW6es1HKsqY6mE9GDyqfjL5RGSQOWM:PXJ290XL8ptHK5Y6mEEZjzGxO

Score

N/A

Malware Config

Signatures

Files

81be1da6693e11ac6944b8283508226195d3571c53615e0bd48a3e54d4fa6513
.dll windows x86

42ae50849f620f53f9c0d02b4f9849e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ClientToScreen
ValidateRect
UpdateWindow
UnregisterClassW
UnregisterClassA
TabbedTextOutW
ShowWindow
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowLongW
SetMenuItemBitmaps
SetForegroundWindow
SetFocus
SetCursor
SetActiveWindow
SendMessageW
SendDlgItemMessageW
SendDlgItemMessageA
ScrollDC
RemovePropW
ReleaseDC
RegisterWindowMessageW
RegisterClassW
PtInRect
PostQuitMessage
PostMessageW
PeekMessageW
ModifyMenuW
MapWindowPoints
LoadIconW
LoadCursorW
LoadBitmapW
IsWindowVisible
IsWindowEnabled
IsWindow
CheckMenuItem
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindow
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetShellWindow
GetPropW
GetParent
GetMessageW
GetMessageTime
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetLastActivePopup
GetKeyState
GetDlgItem
GetDlgCtrlID
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetActiveWindow
EndDialog
EnableMenuItem
DrawTextW
DrawTextExW
DispatchMessageW
DestroyWindow
DestroyMenu
DdeSetUserHandle
CreateWindowExW
CreateDialogIndirectParamW
CopyRect
BeginPaint
IsDialogMessageW
AdjustWindowRectEx

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

shell32

SHGetFolderPathW
SHGetDataFromIDListA
SHFreeNameMappings

advapi32

RegSetValueExW
RegQueryValueW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
UninstallApplication

kernel32

WriteConsoleW
WriteConsoleA
WideCharToMultiByte
VirtualProtect
VirtualFree
VirtualAlloc
VerSetConditionMask
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
TerminateJobObject
Sleep
SizeofResource
SetUnhandledExceptionFilter
WriteFile
SetStdHandle
SetLastError
WritePrivateProfileStringW
SetFilePointer
SetEvent
SetErrorMode
SetCriticalSectionSpinCount
SetCommState
ReadFile
RaiseException
QueryPerformanceCounter
OpenThread
LockResource
LocalReAlloc
LocalFree
LocalAlloc
LoadLibraryW
LCMapStringW
LCMapStringA
IsValidCodePage
IsSystemResumeAutomatic
IsDebuggerPresent
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
Heap32ListNext
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalCompact
GlobalAlloc
GetVersion
_lclose
lstrcmpW
lstrlenW
SetInformationJobObject
GetStdHandle
GetSystemDefaultUILanguage
GetThreadLocale
SetSystemPowerState
GetCPInfo
BackupSeek
CloseHandle
CompareStringW
ConvertDefaultLocale
CreateFileA
DebugBreak
DeviceIoControl
EnterCriticalSection
EnumResourceLanguagesW
EscapeCommFunction
ExitProcess
FindCloseChangeNotification
FindResourceW
FlushConsoleInputBuffer
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetStartupInfoA
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetEnvironmentStringsA
GetEnvironmentStringsW
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetProcessTimes
GetTickCount

gdi32

SetBkColor
SelectObject
ScaleViewportExtEx
SaveDC
RestoreDC
RectVisible
OffsetViewportOrgEx
GetStockObject
GetObjectW
GetDeviceCaps
GetClipBox
ExtTextOutW
Escape
DeleteObject
DeleteDC
CreateBitmap
AbortDoc
TextOutW
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
SetMapMode

shlwapi

PathFindExtensionW
PathFindFileNameW

oleaut32

VariantClear
VariantInit
VariantChangeType

Exports

Exports

AStartUp
CommitTransaction
CreateQuery
PszAllocA

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42ae50849f620f53f9c0d02b4f9849e2

Headers

DLL Characteristics

File Characteristics

Imports

user32

winspool.drv

shell32

advapi32

kernel32

gdi32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 93KB - Virtual size: 92KB

.data Size: 14KB - Virtual size: 15KB

.rsrc Size: 1024B - Virtual size: 972B

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 93KB - Virtual size: 92KB

.data
Size: 14KB - Virtual size: 15KB

.rsrc
Size: 1024B - Virtual size: 972B