6b52251313807c832b85fd8284d55b74337bd3814632d7e81e738d889694792e

Sharing

Copy URL Twitter E-mail

General

Target

6b52251313807c832b85fd8284d55b74337bd3814632d7e81e738d889694792e
Size

390KB
MD5

4072c98c0494bbec94202e7d00cc2760
SHA1

086fcb3e6730ce996cb0f68b8661d545a5a1ff84
SHA256

6b52251313807c832b85fd8284d55b74337bd3814632d7e81e738d889694792e
SHA512

0503cbcdfc4efac8542f9c664d8b2337473e90127f63c4a2ce671c1b4c732ec5237f2f8d97f927d0ce519e1669e8b31aa0dbdfa8e0124b2341d8b24982961ffe
SSDEEP

6144:m+4KaRlk/4JltsoQgX3uNAJdh69clW3Tz8PyPYKCD/1oNboDqTs7DLjVbC3cV:m+4KEl44JlOU3uNN9gPyQnOCDNycV

Score

N/A

Malware Config

Signatures

Files

6b52251313807c832b85fd8284d55b74337bd3814632d7e81e738d889694792e
.dll windows x86

53faad9209107b511526a1857e54e5ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GetFileAttributesA
GetFileSizeEx
GetFileTime
GlobalFlags
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
InterlockedExchange
GetLocaleInfoA
GetCPInfo
GetOEMCP
HeapFree
HeapAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCommandLineA
HeapReAlloc
RtlUnwind
RaiseException
SetStdHandle
TlsSetValue
ExitProcess
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapCreate
HeapDestroy
GetStdHandle
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
GetModuleHandleW
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeA
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
lstrcmpA
GlobalGetAtomNameA
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
CompareStringA
TlsFree
FreeEnvironmentStringsA
LocalReAlloc
GetCurrentProcessId
OutputDebugStringA
GetCurrentThreadId
VirtualProtect
CreateMutexA
WritePrivateProfileStringA
GetPrivateProfileStringA
SetFileAttributesA
RemoveDirectoryA
Sleep
SetUnhandledExceptionFilter
FindNextFileA
CreateFileMappingA
FindClose
FindFirstFileA
FileTimeToSystemTime
UnmapViewOfFile
MapViewOfFile
DuplicateHandle
GetCurrentDirectoryA
GetFileType
CreateDirectoryA
ReadFile
WriteFile
SetFileTime
SystemTimeToFileTime
SetFilePointer
DosDateTimeToFileTime
DeleteFileA
OpenEventA
MoveFileA
GetLocalTime
ResetEvent
CreateEventA
GetTickCount
WaitForSingleObject
GetFileSize
CreateFileA
ResumeThread
WriteProcessMemory
VirtualProtectEx
VirtualAlloc
SetLastError
TerminateProcess
CreateProcessA
ReadProcessMemory
VirtualQueryEx
VirtualFree
SetThreadContext
GetThreadContext
CloseHandle
GetVersionExA
CreateToolhelp32Snapshot
GetModuleHandleA
GetModuleFileNameA
Process32Next
LoadLibraryA
GetProcAddress
GetLastError
GetLogicalDriveStringsA
LoadLibraryW
OpenProcess
GetWindowsDirectoryA
Process32First
QueryDosDeviceA
GetCurrentProcess
InterlockedDecrement
FreeLibrary
lstrlenA
GetComputerNameA
LockResource
MultiByteToWideChar
SizeofResource
WideCharToMultiByte
LoadResource
HeapSize
FindResourceA

user32

DestroyMenu
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
GetWindowPlacement
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowsHookExA
CallNextHookEx
GetKeyState
ValidateRect
SetWindowPos
SetWindowLongA
IsWindow
GetDlgItem
GetClientRect
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
GetWindowTextA
UnhookWindowsHookEx
CharUpperA
GetSystemMetrics
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PeekMessageA
PostMessageA
DispatchMessageA
IsIconic

gdi32

OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
GetStockObject
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
GetDeviceCaps
TextOutA
RectVisible
PtVisible
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
SetViewportExtEx

comdlg32

GetOpenFileNameA
GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegDeleteValueA
RegCreateKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueA
RegCloseKey
AdjustTokenPrivileges
RegOpenKeyA
CheckTokenMembership
GetUserNameA
FreeSid
AllocateAndInitializeSid
DuplicateTokenEx
RegOpenKeyExA
LookupPrivilegeValueA
RegQueryValueExA
RegSetValueExA
OpenProcessToken

shell32

ShellExecuteExA
SHGetSpecialFolderPathA
SHChangeNotify

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFileExistsA
UrlGetPartA

dbghelp

MiniDumpWriteDump
MakeSureDirectoryPathExists

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

iphlpapi

GetAdaptersInfo
GetExtendedUdpTable
GetExtendedTcpTable

psapi

GetProcessImageFileNameA

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

VariantChangeType
SysAllocString
VariantClear
VariantInit
SysAllocStringLen
SysFreeString

ws2_32

WSAStartup
htons
WSACleanup
connect
socket
closesocket
gethostbyname
send
ntohs
inet_addr
recv

wininet

HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
InternetConnectA
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
HttpQueryInfoA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetWriteFile
InternetQueryDataAvailable
InternetCloseHandle
InternetOpenA
InternetReadFile
InternetCrackUrlA
InternetOpenUrlA

Sections

.text
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

53faad9209107b511526a1857e54e5ca

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

dbghelp

version

iphlpapi

psapi

ole32

oleaut32

ws2_32

wininet

Sections

.text Size: 240KB - Virtual size: 240KB

.rdata Size: 50KB - Virtual size: 49KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 32KB - Virtual size: 32KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 240KB - Virtual size: 240KB

.rdata
Size: 50KB - Virtual size: 49KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 32KB - Virtual size: 32KB

.rmnet
Size: 56KB - Virtual size: 60KB