1f7d74e5ccf5681021323717359fb3efc6213d45ee84628c56f476f856477df4_unpacked

Sharing

Copy URL Twitter E-mail

General

Target

1f7d74e5ccf5681021323717359fb3efc6213d45ee84628c56f476f856477df4_unpacked
Size

150KB
MD5

f2c6b15b60e0efc97aed917a6fd291b3
SHA1

4658c8aa808dc78f2d5456ed76d82d1b711f0dcd
SHA256

1247273c17d4e15846ca04a8a1f790b91eef1e8580912887a9854dc59f366b39
SHA512

62bdfda34f71e4cd44b6ade58d55c3abaccd44223da10bf1090ef6721eb69155f1510b4416e4a86ae6191674b7daa1217f0d99407527e39dae97841c9ffaaa45
SSDEEP

3072:piEP++z0X0ks5OoSWyptieXZDWAr/OBybVqCOH0xfULhyNdF86L5hsn3:piEPHzRJ5OohGD3/0ybANKb8+5+n

Score

N/A

Malware Config

Signatures

Files

1f7d74e5ccf5681021323717359fb3efc6213d45ee84628c56f476f856477df4_unpacked
.dll windows x86

9426f2e1c038f3a988fca5bb1c25b1fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dnsapi

DnsQuery_A
DnsRecordListFree

ws2_32

ioctlsocket
connect
htons
bind
listen
WSACleanup
setsockopt
gethostbyaddr
htonl
gethostbyname
ntohs
getsockname
send
recv
select
__WSAFDIsSet
WSAGetLastError
closesocket
socket
WSAIoctl
inet_addr
inet_ntoa
WSAStartup

shell32

SHGetFolderPathA
SHGetFolderPathW

shlwapi

StrCmpNIA
PathCombineW
PathCombineA
wvnsprintfA
StrCmpNA
PathMatchSpecA

ole32

CoTaskMemFree
CoCreateInstance
CoInitialize
CoInitializeSecurity
CoInitializeEx
CoUninitialize

kernel32

lstrcmpW
lstrcpyW
GetFileSize
SetFileAttributesW
DeleteFileW
SetFileAttributesA
GetExitCodeProcess
LocalAlloc
LocalFree
SetFilePointer
HeapFree
HeapAlloc
HeapCreate
GetVersionExA
GetWindowsDirectoryA
SetEnvironmentVariableA
FreeLibrary
GetSystemTime
lstrlenA
SleepEx
CreateEventA
GetCurrentProcessId
WaitForSingleObject
SetThreadPriority
GetCurrentThread
WideCharToMultiByte
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateMutexA
lstrcmpA
lstrcatA
lstrcpyA
FlushFileBuffers
WriteFile
SetNamedPipeHandleState
CreateFileA
IsBadReadPtr
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
SetLastError
GetLastError
CloseHandle
CreateThread
GetCommandLineA
Sleep
Thread32Next
Thread32First
SetThreadContext
GetThreadContext
GetPrivateProfileStringW
GetPrivateProfileIntW
GetFileAttributesW
CreateFileW
SuspendThread
ResumeThread
LoadResource
SizeofResource
FindResourceA
lstrlenW
SetEvent
GetTickCount
ReleaseMutex
DuplicateHandle
GetCurrentProcess
TerminateThread
MoveFileA
MoveFileExA
GetEnvironmentVariableA
ResetEvent
GlobalFree
GlobalAlloc
CopyFileA
WaitForMultipleObjects
GetComputerNameA
DisconnectNamedPipe
ReadFile
ConnectNamedPipe
CreateNamedPipeA
TerminateProcess
GetLocalTime
GetCurrentThreadId
LoadLibraryA
DeleteFileA
CreateDirectoryA
MultiByteToWideChar
lstrcmpiA
SystemTimeToFileTime

user32

IsCharAlphaNumericA
MessageBoxW
MessageBoxA
DialogBoxParamA
DialogBoxParamW
GetWindowTextA
GetWindowTextW
GetWindowLongA
ToAscii
GetKeyboardState
PostMessageA
FindWindowA

advapi32

GetSidSubAuthorityCount
RegCloseKey
RegQueryInfoKeyA
AllocateAndInitializeSid
SetEntriesInAclA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityInfo
RegEnumKeyExA
GetSidSubAuthority
EqualSid
GetTokenInformation
OpenThreadToken
OpenProcessToken
LookupAccountSidA
RegOpenKeyExA

oleaut32

SysFreeString
VariantClear
VariantInit

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9426f2e1c038f3a988fca5bb1c25b1fc

Headers

DLL Characteristics

File Characteristics

Imports

dnsapi

ws2_32

shell32

shlwapi

ole32

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 4KB - Virtual size: 96KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 4KB - Virtual size: 96KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 7KB - Virtual size: 6KB