Static task: static1
Behavioral task: behavioral1
Sample: 1fbf4269ddff11fb6de1d4d4811481e080c21eecbe5afe6452c57b43cdc6cf00.dll
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 1fbf4269ddff11fb6de1d4d4811481e080c21eecbe5afe6452c57b43cdc6cf00.dll
Resource: win10v2004-20220901-en
General
Target: 1fbf4269ddff11fb6de1d4d4811481e080c21eecbe5afe6452c57b43cdc6cf00
Size: 354KB
MD5: 91fc827fa0f99cb8d9d3af74fe4bbdb2
SHA1: 804847b190294f0d45937f0cee6d9f3bd62b68cd
SHA256: 1fbf4269ddff11fb6de1d4d4811481e080c21eecbe5afe6452c57b43cdc6cf00
SHA512: 732c81e3032b7a615787d3650210277eac4e09da4e61aacffc327ef922f71cf551a8fdf12149fef7aabc74140ee7405dcd00182533ed8fc0abd7c978424bcda2
SSDEEP: 6144:WHczjRS2oU3kgpvXxC1IT+KpdPJTk96dAD:/RS2oUzvVT+KpdY
Malware Config
Signatures
Files
1fbf4269ddff11fb6de1d4d4811481e080c21eecbe5afe6452c57b43cdc6cf00.dll windows x86
662e1ba22f62c50dd4ba310e44aafebb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleaut32
VariantClear
LoadRegTypeLi
VariantChangeType
VarUI4FromStr
SysStringLen
SysStringByteLen
SysFreeString
SysAllocStringLen
SysAllocString
RegisterTypeLi
OleCreatePropertyFrame
OleCreateFontIndirect
LoadTypeLi
user32
CopyImage
CloseWindowStation
CloseDesktop
ClientToScreen
CopyRect
CharUpperW
CallWindowProcW
CallNextHookEx
BeginPaint
AdjustWindowRectEx
CheckMenuItem
CreateCursor
CreateDesktopW
CreateDialogIndirectParamW
keybd_event
WinHelpW
WaitMessage
WaitForInputIdle
ValidateRect
UpdateWindow
UnregisterClassW
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
ToAsciiEx
TabbedTextOutW
SystemParametersInfoA
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowLongW
SetPropW
SetProcessWindowStation
SetLayeredWindowAttributes
SetForegroundWindow
SetFocus
SetDebugErrorLevel
SetCursor
SetActiveWindow
SendMessageW
SendDlgItemMessageW
SendDlgItemMessageA
ScreenToClient
RemovePropW
ReleaseDC
RegisterWindowMessageW
RegisterShellHookWindow
PtInRect
PostThreadMessageW
PostQuitMessage
PeekMessageW
PeekMessageA
PackDDElParam
OpenInputDesktop
ModifyMenuW
MessageBoxW
MapWindowPoints
MapDialogRect
LockSetForegroundWindow
LoadStringW
LoadCursorW
LoadBitmapW
IsWindowVisible
IsWindow
IsRectEmpty
IsIconic
IsClipboardFormatAvailable
InternalGetWindowText
InSendMessage
ImpersonateDdeClientWindow
GrayStringW
GetWindowTextW
GetWindowTextLengthW
GetWindowPlacement
GetWindowLongW
GetWindowContextHelpId
GetUserObjectInformationW
GetThreadDesktop
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetQueueStatus
GetPropW
GetProcessWindowStation
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetInputState
GetForegroundWindow
GetFocus
GetDlgCtrlID
GetCursorPos
GetCursorInfo
GetClipboardSequenceNumber
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetCaretBlinkTime
GetCapture
GetAsyncKeyState
GetActiveWindow
FlashWindow
FillRect
ExitWindowsEx
EndPaint
EndDialog
EnableScrollBar
EnableMenuItem
DrawTextW
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DefWindowProcW
DdeUnaccessData
DdeClientTransaction
DdeAbandonTransaction
CreateWindowStationW
CreateWindowExW
wsock32
ioctlsocket
getsockname
gethostname
gethostbyname
WSAStartup
inet_addr
WSACleanup
advapi32
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegFlushKey
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
QueryServiceStatus
OpenServiceA
OpenSCManagerA
OpenProcessToken
LookupPrivilegeValueA
CryptReleaseContext
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptCreateHash
CryptAcquireContextA
ControlService
CloseServiceHandle
ChangeServiceConfigA
AdjustTokenPrivileges
StartServiceA
winmm
waveOutPrepareHeader
waveOutOpen
waveOutWrite
waveOutUnprepareHeader
waveOutReset
waveOutGetDevCapsA
waveOutClose
PlaySoundA
mixerClose
mixerGetControlDetailsA
mixerGetDevCapsA
mixerGetID
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetNumDevs
mixerOpen
mixerSetControlDetails
mmioAscend
mmioClose
mmioDescend
mmioOpenA
mmioRead
mmioSeek
waveInAddBuffer
waveInClose
waveInGetDevCapsA
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInUnprepareHeader
waveOutGetNumDevs
kernel32
TerminateProcess
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetPriorityClass
SetLastError
SetFilePointer
SetEvent
TerminateThread
SetEndOfFile
RtlUnwind
ResumeThread
ResetEvent
ReleaseMutex
ReadFile
QueryPerformanceFrequency
QueryPerformanceCounter
OpenProcess
UnhandledExceptionFilter
MultiByteToWideChar
MulDiv
LockResource
LocalReAlloc
LocalFree
LocalAlloc
LoadResource
LoadLibraryExA
LoadLibraryA
LeaveCriticalSection
IsDBCSLeadByte
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
HeapFree
HeapDestroy
HeapAlloc
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetVersionExA
GetUserDefaultLCID
GetTimeFormatA
GetTickCount
GetTempPathA
GetTempFileNameA
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryA
GetSystemDefaultLCID
GetStringTypeExA
GetStartupInfoA
GetShortPathNameA
GetProcessHeap
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
GetPriorityClass
GetModuleHandleA
GetModuleFileNameA
GetLocalTime
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW
OpenEventA
SetErrorMode
FindClose
FileTimeToSystemTime
DuplicateHandle
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessA
CreateMutexA
CreateFileA
CreateEventA
CreateDirectoryA
CompareStringA
CompareFileTime
SystemTimeToFileTime
EnterCriticalSection
GetLastError
GetFileAttributesA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetComputerNameA
FreeResource
FreeLibrary
FormatMessageA
FlushInstructionCache
FindResourceA
FindNextFileA
FindFirstFileA
CloseHandle
gdi32
LPtoDP
GetTextMetricsA
GetTextExtentPointA
GetTextExtentPoint32A
GetSystemPaletteUse
GetSystemPaletteEntries
GetStockObject
GetObjectA
GetMapMode
GetDeviceCaps
ExtTextOutA
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreatePen
CreatePalette
CreateFontIndirectA
CreateDIBSection
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
StretchBlt
SetWindowOrgEx
SetViewportOrgEx
SetTextColor
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RestoreDC
RealizePalette
PatBlt
MoveToEx
LineTo
comctl32
ImageList_Destroy
ImageList_Create
ImageList_AddMasked
CreateToolbarEx
ord6
ord8
ImageList_ReplaceIcon
InitCommonControlsEx
PropertySheetA
ImageList_DrawEx
opengl32
glAccum
glVertex4f
wglGetPixelFormat
glTexCoord3fv
glPixelTransferi
glNormal3fv
glBlendFunc
glClearAccum
glColor3bv
glCullFace
glEvalCoord1d
glEvalCoord1dv
glEvalCoord2dv
glFogfv
glGetFloatv
glLightModelf
glTexCoord4dv
shlwapi
StrChrA
StrCmpNIA
crypt32
CertGetIssuerCertificateFromStore
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCreateCertificateContext
CertCloseStore
CertGetSubjectCertificateFromStore
CertNameToStrA
CertOpenStore
CertOpenSystemStoreA
CertFreeCertificateContext
msvcrt
_adjust_fdiv
_acmdln
_cexit
_controlfp
_except_handler3
_exit
_initterm
_purecall
exit
free
malloc
memmove
realloc
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_c_exit
ole32
CoTaskMemAlloc
CoRevokeClassObject
CoTaskMemRealloc
CoUninitialize
CreateOleAdviseHolder
CreateStreamOnHGlobal
IsAccelerator
OleInitialize
OleLockRunning
OleRegEnumVerbs
OleRegGetMiscStatus
OleRegGetUserType
OleSaveToStream
OleUninitialize
StringFromCLSID
WriteClassStm
CoRegisterMessageFilter
CoRegisterClassObject
CoInitializeEx
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
Shell_NotifyIconA
SHGetMalloc
SHGetFileInfoA
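The import table above is the most useful static signal on this page, but a flat list of ~440 names is hard to read for capability. The Python script below is an added example, not part of the sandbox report or of the sample: it parses the report's flat module/function listing, groups the imported APIs into behaviour buckets, and computes a pefile-style import hash over the listing. The bucket table and the module set are the editor's own assumptions; REPORT_EXCERPT is a subset of the Imports list above, transcribed in report order.

```python
"""Capability triage of a PE import listing (added example, not part of the report).

Parses the flat "module / function / function / module ..." listing used above,
groups the imported APIs into behaviour buckets and computes a pefile-style
import hash. The bucket table and KNOWN_MODULES are the editor's own assumptions.
"""
import hashlib
from collections import OrderedDict

# Modules that open a block in the listing (transcribed from the report). Needed
# because function names such as keybd_event, inet_addr or malloc are lowercase
# too, so "looks lowercase" cannot identify a module line.
KNOWN_MODULES = {"oleaut32", "user32", "wsock32", "advapi32", "winmm", "kernel32",
                 "gdi32", "comctl32", "opengl32", "shlwapi", "crypt32", "msvcrt",
                 "ole32", "shell32"}

# Subset of the Imports listing above, transcribed in report order.
REPORT_EXCERPT = """\
user32
CallNextHookEx
CreateDesktopW
keybd_event
SetWindowsHookExW
GetAsyncKeyState
ExitWindowsEx
wsock32
WSAStartup
inet_addr
advapi32
RegSetValueExA
OpenSCManagerA
OpenProcessToken
LookupPrivilegeValueA
CryptHashData
ChangeServiceConfigA
AdjustTokenPrivileges
StartServiceA
winmm
waveInOpen
kernel32
LoadLibraryA
GetProcAddress
CreateProcessA
comctl32
ord6
ord8
"""

# Heuristic buckets (editor's assumption). Names match with or without an A/W suffix.
CAPABILITIES = OrderedDict([
    ("keyboard hook / input synthesis", {"SetWindowsHookEx", "CallNextHookEx", "keybd_event", "GetAsyncKeyState"}),
    ("desktop / window station", {"CreateDesktop", "OpenInputDesktop", "CreateWindowStation"}),
    ("forced shutdown / logoff", {"ExitWindowsEx"}),
    ("winsock networking", {"WSAStartup", "gethostbyname", "inet_addr"}),
    ("registry write", {"RegSetValueEx", "RegCreateKeyEx", "RegCreateKey"}),
    ("service control (SCM)", {"OpenSCManager", "OpenService", "ChangeServiceConfig", "ControlService", "StartService"}),
    ("privilege adjustment", {"OpenProcessToken", "LookupPrivilegeValue", "AdjustTokenPrivileges"}),
    ("CryptoAPI hashing", {"CryptAcquireContext", "CryptCreateHash", "CryptHashData"}),
    ("audio capture", {"waveInOpen", "waveInStart", "waveInAddBuffer"}),
    ("dynamic import resolution", {"LoadLibrary", "LoadLibraryEx", "GetProcAddress"}),
    ("process creation", {"CreateProcess", "ShellExecute"}),
    ("certificate store access", {"CertOpenSystemStore", "CertOpenStore", "CertEnumCertificatesInStore"}),
])


def parse_listing(text):
    """OrderedDict module -> [function, ...], preserving report order."""
    imports, current = OrderedDict(), None
    for line in (l.strip() for l in text.splitlines()):
        if line in KNOWN_MODULES:
            current = line
            imports.setdefault(current, [])
        elif line and current is not None:
            imports[current].append(line)
    return imports


def capabilities(imports):
    """Map bucket label -> list of 'module!API' imports that triggered it."""
    hits = OrderedDict()
    for module, names in imports.items():
        for name in names:
            keys = {name, name[:-1] if name[-1] in "AW" else name}
            for label, apis in CAPABILITIES.items():
                if keys & apis:
                    hits.setdefault(label, []).append(f"{module}!{name}")
    return hits


def imphash(imports):
    """pefile-style import hash: MD5 of comma-joined 'module.function', lowercased,
    in table order; ordinals stay as 'ordN'. A module extension (.dll etc.) is
    dropped if present; the report above already omits it."""
    parts = [f"{m.lower().rsplit('.', 1)[0]}.{f.lower()}"
             for m, funcs in imports.items() for f in funcs]
    return hashlib.md5(",".join(parts).encode()).hexdigest()


if __name__ == "__main__":
    imps = parse_listing(REPORT_EXCERPT)
    print("imphash over excerpt:", imphash(imps))
    for label, apis in capabilities(imps).items():
        print(f"{label}: {', '.join(apis)}")
```

Fed the complete listing, imphash() only reproduces what pefile computes for the sample if the listing preserves import directory order and renders unresolved ordinals as ordN, so treat it as a cross-check against your own pefile run rather than as ground truth. The buckets that fire on the excerpt (SCM control next to AdjustTokenPrivileges, ExitWindowsEx, a SetWindowsHookExW hook beside keybd_event and GetAsyncKeyState, desktop creation, waveIn capture, CryptoAPI hashing) are the leads to chase in the behavioral runs; an import table shows what the binary can reach, not what it does.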
Sections
.text Size: 218KB - Virtual size: 220KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ