04d95de5117e0e31549b60184bb583ae1a164bb7607509f6a2b3e4e64ded3dd7

Sharing

Copy URL Twitter E-mail

General

Target

04d95de5117e0e31549b60184bb583ae1a164bb7607509f6a2b3e4e64ded3dd7
Size

312KB
MD5

8183b48af72a408b61f278f374011120
SHA1

ddc40daf4a1de3c415bbb4df15ce9369b36481e7
SHA256

04d95de5117e0e31549b60184bb583ae1a164bb7607509f6a2b3e4e64ded3dd7
SHA512

ded55028877485490c10da9420e7eb095d9932366b568a8c587b01bca9fbf43d3e74e694f9f6ead6f5e22ff1a72ff5b71c7667fbc18df11a57270b36e93ad597
SSDEEP

6144:Ws8vIXnnU4hTPLfiJiUHvIGDSMMHMMM6MMZMMMglMMMOMMeUMMrpvtGv3s20W4zE:WJ4puMwSMMHMMM6MMZMMMglMMMOMMeUQ

Score

N/A

Malware Config

Signatures

Files

04d95de5117e0e31549b60184bb583ae1a164bb7607509f6a2b3e4e64ded3dd7
.dll windows x86

1739620946703385e1c31e6a0f493cca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__dllonexit
_onexit
_vsnwprintf
_amsg_exit
_XcptFilter
_vsnprintf
_itow_s
memcpy_s
_unlock
iswalpha
wcschr
free
malloc
_lock
_except_handler4_common
_initterm
memcmp
memcpy
memset

ieframe

ord159
ord163

kernel32

GetLocalTime
GetUserDefaultLCID
CopyFileW
GlobalLock
GlobalUnlock
WideCharToMultiByte
FileTimeToSystemTime
GetLocaleInfoW
GetTickCount
LoadLibraryW
GetProcAddress
FreeLibrary
GetACP
LocalFileTimeToFileTime
CompareStringA
LocalReAlloc
HeapAlloc
GetProcessHeap
HeapFree
GetSystemTimeAsFileTime
GetWindowsDirectoryW
lstrcmpiA
GetDateFormatW
GetTimeFormatW
MultiByteToWideChar
DisableThreadLibraryCalls
CreateFileW
GetLastError
CloseHandle
lstrcmpA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReadFile
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
ActivateActCtx
FormatMessageW
LocalFree
LocalAlloc
ExpandEnvironmentStringsA
LoadLibraryA
GetSystemTime
SystemTimeToFileTime
LoadLibraryExA
GetModuleHandleW
DeactivateActCtx
CreateActCtxW
RaiseException
lstrlenW
lstrcmpW
GetPrivateProfileStringW
SetLastError
lstrlenA
LoadLibraryExW
GetModuleFileNameW
ReleaseActCtx

user32

LoadStringW
SendMessageW
RegisterClipboardFormatW
RegisterClassW
SetWindowLongW
DestroyWindow
GetWindowLongW
DefWindowProcW
PostMessageW
SetTimer
KillTimer
LoadMenuW
DestroyMenu
GetDesktopWindow
SetCursor
LoadCursorW
GetSystemMetrics
MessageBoxW
GetWindowTextW
GetSysColor
GetClientRect
IsWindow
GetMenuItemCount
GetMenuItemInfoW
CreatePopupMenu
RemoveMenu
GetSubMenu
DispatchMessageW
PeekMessageW
RemovePropW
SetPropW
GetPropW
GetForegroundWindow
CheckRadioButton
CheckDlgButton
GetParent
ShowWindow
EnableWindow
SetMenuDefaultItem
EnableMenuItem
LoadIconW
SetDlgItemInt
CreateWindowExW
MessageBoxIndirectW
FindWindowW
RegisterWindowMessageW
DestroyIcon
GetWindowThreadProcessId
SendDlgItemMessageW
IsDlgButtonChecked
GetDlgItemInt
GetDlgItem
GetDlgItemTextW
DialogBoxParamW
EndDialog
SetDlgItemTextW
LoadImageW

shlwapi

SHRegGetValueW
SHGetValueW
StrCmpIW
SHDeleteKeyW
StrChrW
ord158
StrDupW
ord215
StrRChrW
StrCmpNIW
ord15
PathIsDirectoryW
PathFindFileNameW
PathFindExtensionW
PathIsURLW
ord219
StrFormatByteSizeW
SHStrDupW
ord217
PathRemoveBlanksW
UrlCompareW
StrTrimW
ord354
StrCmpW
SHEnumValueW
PathStripPathW
ord346
UrlCombineW
StrSpnA
StrCSpnA

iertutil

ord78
ord81
ord75
ord85
ord9
ord753
ord791
ord751

advapi32

RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegQueryValueW
RegQueryValueExW
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1739620946703385e1c31e6a0f493cca

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ieframe

kernel32

user32

shlwapi

iertutil

advapi32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 131KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 54KB - Virtual size: 53KB

.reloc Size: 11KB - Virtual size: 10KB

.text Size: 108KB - Virtual size: 112KB

.text
Size: 132KB - Virtual size: 131KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 54KB - Virtual size: 53KB

.reloc
Size: 11KB - Virtual size: 10KB

.text
Size: 108KB - Virtual size: 112KB