dd5c7a222505657e7985ddac213fa6a7ac64e1004e8451896d204527db1d5692

Sharing

Copy URL Twitter E-mail

General

Target

dd5c7a222505657e7985ddac213fa6a7ac64e1004e8451896d204527db1d5692
Size

404KB
MD5

460e85e0cfcbe75c4ce74e49c79d72c1
SHA1

8e5e24e40b1e06c5610bf053bcd9b6d89c896015
SHA256

dd5c7a222505657e7985ddac213fa6a7ac64e1004e8451896d204527db1d5692
SHA512

6cb6130fff3b883a16d8bc87cf4a76efedd5909cc22918b7259a102b52259640f1912b215eaf458ec31d1f12b007d3bee29accc23b5bace04d0298374a909bba
SSDEEP

6144:S7CPwu8YqsoI0kLyyAyiQG4U5mNil3jnKlrLjRwddKKlRjsuPkql0y/jP3Ht:/3r1z0kT24U5/MLjRwdWuMydL3Ht

Score

N/A

Malware Config

Signatures

Files

dd5c7a222505657e7985ddac213fa6a7ac64e1004e8451896d204527db1d5692
.dll windows x86

de57b58b939e1f83c7090a95c9a2fffc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
RaiseException
ExitProcess
RtlUnwind
GetProcessHeap
GetCommandLineA
IsValidCodePage
VirtualAlloc
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SuspendThread
CreateEventA
ResumeThread
SetEvent
FindResourceA
LoadResource
LockResource
SizeofResource
GetUserDefaultLCID
GlobalUnlock
GlobalLock
GetVersionExA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetVolumeInformationA
Sleep
ExitThread
FreeLibrary
GetExitCodeThread
WaitForSingleObject
CreateThread
CreateProcessA
GetShortPathNameA
GetVersion
CompareStringA
MultiByteToWideChar
WideCharToMultiByte
InterlockedExchange
GlobalAlloc
GlobalFree
GlobalHandle
SetFilePointer
MoveFileA
lstrcmpA
GetDateFormatA
GetLocalTime
lstrcatA
DeleteFileA
FindClose
FindFirstFileA
RemoveDirectoryA
GetLongPathNameA
GetTempPathA
ReadFile
CloseHandle
WriteFile
HeapReAlloc
HeapFree
HeapAlloc
GetFileAttributesA
CreateFileA
GetTempFileNameA
GetModuleFileNameA
FindNextFileA
CreateDirectoryA
LocalFree
FormatMessageA
GetLastError
lstrcpyA
lstrlenA
LoadLibraryA
GetProcAddress
GetOEMCP
GetCPInfo
GetCurrentProcess
FlushFileBuffers
GetThreadLocale
InterlockedIncrement
GlobalFlags
WritePrivateProfileStringA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
InitializeCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
SetLastError
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GetModuleHandleA
GetCurrentThreadId
SetThreadPriority
TlsAlloc

user32

GetSysColorBrush
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DestroyMenu
DrawTextExA
DrawTextA
TabbedTextOutA
LoadCursorA
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
PostThreadMessageA
UpdateWindow
InvalidateRect
wsprintfA
CreateDialogParamA
DestroyWindow
ShowWindow
SetWindowTextA
GetDlgItem
MessageBoxA
DialogBoxParamA
GetWindowLongA
SendMessageA
GetParent
SendDlgItemMessageA
EnumChildWindows
GetWindowTextA
SetForegroundWindow
SetWindowPos
DispatchMessageA
TranslateMessage
PeekMessageA
PostMessageA
FindWindowA
PostQuitMessage
ValidateRect
GetCursorPos
GetKeyState
IsWindowVisible
GetActiveWindow
GetMessageA
CallNextHookEx
SetWindowsHookExA
SetCursor
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowThreadProcessId
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetSubMenu
GetMenuItemCount
GetMenuItemID
UnhookWindowsHookEx
UnregisterClassA
GetWindow
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
SetWindowLongA
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
PtInRect
CopyRect
AdjustWindowRectEx
GetSysColor
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
GetMenu
GetClientRect
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetForegroundWindow
IsWindow
RemovePropA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shlwapi

PathFindExtensionA
PathFindFileNameA

wininet

FtpGetFileA
FtpFindFirstFileA
InternetConnectA
InternetOpenA
InternetFindNextFileA
InternetCloseHandle

gdi32

GetStockObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateDCA
DeleteDC
GetDeviceCaps
EndDoc
EndPage
StartPage
StartDocA
SetViewportOrgEx

comdlg32

PrintDlgA

winspool.drv

DocumentPropertiesA
OpenPrinterA
EnumPrintersA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteExA
SHFileOperationA
ShellExecuteA

ole32

OleInitialize
CLSIDFromString
CoCreateInstance
OleUninitialize

oleaut32

VariantInit
SysAllocString
VariantClear
VariantChangeType
SysFreeString
SysStringLen

ltdis12n

ord135

ltfil12n

ord104
ord101
ord106

ltkrn12n

ord125
ord100
ord134
ord129
ord141

Exports

Exports

DispatchFuncMessage
DispatchFuncMessage_NonThread
GetFctlStatus
InitFuncControl
KillWorkingFunction
ReleaseFuncControl

Sections

.text
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de57b58b939e1f83c7090a95c9a2fffc

Headers

File Characteristics

Imports

kernel32

user32

version

shlwapi

wininet

gdi32

comdlg32

winspool.drv

advapi32

shell32

ole32

oleaut32

ltdis12n

ltfil12n

ltkrn12n

Exports

Exports

Sections

.text Size: 204KB - Virtual size: 200KB

.rdata Size: 84KB - Virtual size: 81KB

.data Size: 8KB - Virtual size: 39KB

.rsrc Size: 16KB - Virtual size: 14KB

.reloc Size: 28KB - Virtual size: 25KB

.text Size: 60KB - Virtual size: 60KB

.text
Size: 204KB - Virtual size: 200KB

.rdata
Size: 84KB - Virtual size: 81KB

.data
Size: 8KB - Virtual size: 39KB

.rsrc
Size: 16KB - Virtual size: 14KB

.reloc
Size: 28KB - Virtual size: 25KB

.text
Size: 60KB - Virtual size: 60KB