de0f534c7ca65b05bf6bb74744002caaa5b79b07270654972a1f8e644c78cf06

Sharing

Copy URL Twitter E-mail

General

Target

de0f534c7ca65b05bf6bb74744002caaa5b79b07270654972a1f8e644c78cf06
Size

80KB
MD5

76a5180201be30c88b728f4b7969ce1c
SHA1

bade67568c73b18c8bee897b35fca63357466097
SHA256

de0f534c7ca65b05bf6bb74744002caaa5b79b07270654972a1f8e644c78cf06
SHA512

5d91cbc2dc16188e4a3f54a86178d8773bd3a99c7cc10ff7e057a7cb6829074f43ad4d58f9ffee06db9b86ec6799f12f18897264ca8aa2ead5f23bcc21caae8e
SSDEEP

1536:92PEf4jgWtzX8yRGc9/C6XOOahQ64YPcZSmH4y0e:UEKgWtzJX9/edi65byn

Score

N/A

Malware Config

Signatures

Files

de0f534c7ca65b05bf6bb74744002caaa5b79b07270654972a1f8e644c78cf06
.dll windows x86

a243d3333eccf7857adfe8bfe7876c0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
HeapAlloc
InterlockedDecrement
GetModuleFileNameA
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
SleepEx
ReadFile
EnumResourceLanguagesW
CreateEventA
lstrcpyW
RtlMoveMemory
VerifyVersionInfoA
TerminateJobObject
FindNextVolumeMountPointW
OpenFileMappingA
PeekConsoleInputA
GetStartupInfoA
BeginUpdateResourceA
FindVolumeMountPointClose
FillConsoleOutputAttribute
GetCommProperties
FindNextVolumeW
OpenMutexW
EnumResourceNamesA
GetTimeFormatA
CompareStringW
MoveFileW
IsProcessorFeaturePresent
IsDBCSLeadByte
GetTapeParameters
GetDiskFreeSpaceExW
BackupRead
CancelIo
DeleteTimerQueueTimer
OpenJobObjectW
GetFileAttributesExA
SetEvent
SetConsoleCursorPosition
WriteProcessMemory
IsBadHugeReadPtr
SetFileTime
ProcessIdToSessionId
lstrcatA
IsBadReadPtr
CreateConsoleScreenBuffer
ExitThread
FindNextChangeNotification
CreateMailslotW
CompareStringA
GetNumberFormatA
WaitForMultipleObjectsEx
GetFileSize

ole32

StgIsStorageILockBytes
CoRegisterMessageFilter
CoCreateInstanceEx
GetHGlobalFromStream
CoGetClassObject
OleCreateFromFile
FreePropVariantArray
OleCreate
CoGetMarshalSizeMax
OleRegGetUserType
OleDraw
CoTaskMemAlloc

user32

PostQuitMessage
DefWindowProcA
KillTimer
SetWindowsHookExA
PostMessageA
UnhookWinEvent
UnhookWindowsHookEx
SendMessageA
DispatchMessageA
GetMenuCheckMarkDimensions
DrawTextExA
CheckMenuRadioItem
InvertRect
DrawIconEx
UnpackDDElParam
ToUnicodeEx
OpenWindowStationW
CreateDialogIndirectParamA
SetActiveWindow
GetPropW
GetDlgItemTextA
InvalidateRgn
DispatchMessageW
RedrawWindow
GetMessagePos
CreateCursor
GetInputState
RegisterWindowMessageW
SetWindowContextHelpId
VkKeyScanA
SetPropW
PeekMessageA
DrawAnimatedRects
DrawStateA
IsCharAlphaNumericW
GetMenuStringW
GetComboBoxInfo
SetDlgItemTextA
GetWindowDC
ToAscii
GetCursor
SendNotifyMessageA
GetFocus
GetMenuStringA
PackDDElParam
GetNextDlgTabItem
GetClassInfoExA
DialogBoxParamW
SetDlgItemInt
PeekMessageW
BringWindowToTop
GetKeyNameTextA
OpenIcon
GetSystemMetrics
ScreenToClient
EnableMenuItem
GetDC
TranslateAcceleratorW
RemovePropA
FreeDDElParam
GetMessageA

oleaut32

SysAllocStringLen
SysReAllocString

shlwapi

StrCpyNW
PathRemoveBackslashW
SHAutoComplete
PathGetArgsW
PathRemoveFileSpecA
SHDeleteKeyA
UrlCombineW
UrlEscapeW
StrNCatW

Exports

Exports

BthCommsHelper

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a243d3333eccf7857adfe8bfe7876c0c

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB