0dc15c60d8d49c08efc9f411129b0f65f8fdf86e12d67659add103c850e4565d

Sharing

Copy URL

Twitter E-mail

General

Target

0dc15c60d8d49c08efc9f411129b0f65f8fdf86e12d67659add103c850e4565d
Size

248KB
MD5

80c8c0a2fe59a5adf0b169b9fe17a0c0
SHA1

0536574f033aacdc66d1e19acf1a05e4c92041bb
SHA256

0dc15c60d8d49c08efc9f411129b0f65f8fdf86e12d67659add103c850e4565d
SHA512

46b6953a731c249ced50cc031a67926d1ded3084de40de8774cfad5db920c8a0cd4331995cf9e8874125cacadf3cc4e1628063fa2a48861f499a27f527d41134
SSDEEP

6144:nxK+XEmPe10I07EFQGH/wPjb6BMiWzN4cw+a:xKDWhfmq54r

Score

N/A

Malware Config

Signatures

Files

0dc15c60d8d49c08efc9f411129b0f65f8fdf86e12d67659add103c850e4565d
.dll windows x86

48ca5ae5c8bf4d0fab7391aaf2b22cd4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetOEMCP
FileTimeToLocalFileTime
FindNextFileA
RtlUnwind
GetCommandLineA
HeapAlloc
HeapFree
RaiseException
HeapSize
HeapReAlloc
ExitProcess
FileTimeToSystemTime
GetTimeZoneInformation
FindFirstFileA
SetErrorMode
FindClose
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetFilePointer
FlushFileBuffers
WriteFile
GetCurrentProcess
GetProcessVersion
GlobalFlags
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpiA
GlobalAddAtomA
GetVersion
GlobalDeleteAtom
GetModuleHandleA
lstrcatA
GetModuleFileNameA
lstrcpyA
LocalReAlloc
TlsGetValue
MultiByteToWideChar
InterlockedDecrement
GlobalAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
GlobalReAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
TlsFree
GlobalHandle
TlsAlloc
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
GetCurrentThreadId
lstrcpynA
CloseHandle
lstrcmpA
GetLastError
SetLastError
InterlockedIncrement
LocalFree
lstrlenA
GetStringTypeA
GetStringTypeW
TerminateProcess
GetACP
GetProcAddress

ole32

CoCreateInstance
OleRun

oleaut32

GetErrorInfo
VariantInit
VariantClear
VariantCopy
SysAllocString
SysFreeString
VariantChangeType

comctl32

ord17

user32

GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
AdjustWindowRectEx
SetFocus
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
LoadStringA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
UnregisterClassA
UnhookWindowsHookEx
DispatchMessageA
SendMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetClientRect
GetDlgItem
CopyRect
GetSystemMetrics
GetWindowRect
GetWindow

gdi32

SetBkColor
GetObjectA
SetTextColor
DeleteObject
DeleteDC
GetDeviceCaps
SaveDC
RestoreDC
GetStockObject
SelectObject
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
RectVisible
TextOutA
PtVisible
Escape
ExtTextOutA
CreateBitmap
GetClipBox
ScaleWindowExtEx

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

Exports

Exports

CloseDataBase
CloseEngine
CloseTM
DeleteSentence2
DeleteSentence4
GetMatchSentence
GetMatchSentence2
GetMatchSentence4
GetSearchDataBaseInfo2
InitializeTM
OpenDataBase
SaveNewSentence2
SaveNewSentence4
SetCodePage
SetEngChiDLL
UpdateSentence2

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

48ca5ae5c8bf4d0fab7391aaf2b22cd4

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

comctl32

user32

gdi32

winspool.drv

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 124KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 16KB - Virtual size: 30KB

.reloc Size: 16KB - Virtual size: 15KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 128KB - Virtual size: 124KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 16KB - Virtual size: 30KB

.reloc
Size: 16KB - Virtual size: 15KB

.rmnet
Size: 60KB - Virtual size: 60KB