e43a7ed815420c8e4d1ab323aa883a6abe5e9373208d0a7950e5e0dad7571192

Sharing

Copy URL Twitter E-mail

General

Target

e43a7ed815420c8e4d1ab323aa883a6abe5e9373208d0a7950e5e0dad7571192
Size

381KB
MD5

84331ed637e85dbc25bc84f695145c40
SHA1

3902a1e7244dcc0637fe53ea1fe0d54c15d2691f
SHA256

e43a7ed815420c8e4d1ab323aa883a6abe5e9373208d0a7950e5e0dad7571192
SHA512

ee5070f67d655a3e3eee6e51005846b132f251e6ac3c23c5bb4e5487efb1f254141e8513f9edd10d562e9ac6f83ee36e3f1c751c7e890e0836037eec2dc240d1
SSDEEP

6144:EOzTFLzUyRYPZcVbVDLUnN/htB7Z5TrmTytzII0H/FfEaKA:vzhQyaPChoNbBN5TrmszIryah

Score

N/A

Malware Config

Signatures

Files

e43a7ed815420c8e4d1ab323aa883a6abe5e9373208d0a7950e5e0dad7571192
.dll windows x86

4ce797bcc4d0ca5f2563b05def8e68ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

user32

ClientToScreen
DestroyWindow
GetWindowTextLengthW
DestroyAcceleratorTable
ScreenToClient
CharNextW
RegisterWindowMessageW
IsChild
SetCapture
UnregisterClassW
GetFocus
EndPaint
LoadCursorW
GetClientRect
CreateAcceleratorTableW
SetFocus
BeginPaint
GetClassInfoExW
RegisterClassExW
GetWindowTextW
GetClassNameW
GetDlgItem
RedrawWindow
GetDesktopWindow
SetWindowPos
IsWindow
CreateWindowExW
ReleaseCapture
SetWindowTextW
CallWindowProcW
GetWindow
MoveWindow
GetMessageW
GetWindowDC
FillRect
MsgWaitForMultipleObjects
InvalidateRgn
GetDC
TranslateMessage
IntersectRect
InvalidateRect
PeekMessageW
ReleaseDC
GetSysColor
DispatchMessageW
GetWindowLongW
SetWindowLongW
MessageBoxW
SendMessageW
DefWindowProcW
GetParent

ole32

CoTaskMemAlloc
CoGetClassObject
CoInitialize
OleUninitialize
OleInitialize
StringFromGUID2
CreateStreamOnHGlobal
CoTaskMemRealloc
OleLockRunning
CoTaskMemFree
CreateBindCtx
CoCreateInstance
CoFreeUnusedLibraries
CLSIDFromString
StringFromCLSID
CLSIDFromProgID

oleaut32

SafeArrayGetUBound
SafeArrayGetVartype
SafeArrayLock
SafeArrayGetElement
SafeArrayGetDim
SafeArrayUnlock
SafeArrayDestroy
SafeArrayGetLBound
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
LoadRegTypeLi
VarUI4FromStr
OleCreateFontIndirect
SysAllocStringLen
LoadTypeLi
SysStringLen
SysAllocString
VariantInit
VariantCopy
SysFreeString
VariantClear

kernel32

LCMapStringW
SetFilePointerEx
GetConsoleCP
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetStartupInfoW
GetStringTypeW
SetStdHandle
WriteConsoleW
FlushFileBuffers
CreateFileW
ReadFile
ReadConsoleW
LocalFree
HeapDestroy
InterlockedCompareExchange
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
VirtualAlloc
VirtualFree
GetConsoleMode
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
HeapSize
RtlUnwind
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
GetProcessHeap
GetCommandLineA
HeapReAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
HeapAlloc
HeapFree
lstrlenW
GetCurrentThreadId
GetCurrentProcess
ReadProcessMemory
FlushInstructionCache
VirtualProtect
WriteProcessMemory
GetModuleHandleW
LoadLibraryW
GetProcAddress
FindResourceExW
FindResourceW
LoadResource
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
SizeofResource
MultiByteToWideChar
GetLastError
LockResource
WideCharToMultiByte
MulDiv
CreateEventW
DeleteCriticalSection
GetEnvironmentVariableW
FreeLibrary
LoadLibraryExW
GlobalLock
GlobalAlloc
LeaveCriticalSection
GetModuleFileNameW
lstrcmpW
GlobalUnlock
RaiseException
SetLastError
EnterCriticalSection
lstrcmpiW
CloseHandle

advapi32

RegDeleteKeyW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegQueryValueExW
RegQueryInfoKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

shlwapi

StrCatW

gdi32

CreateSolidBrush
SetMapMode
CombineRgn
DPtoLP
CreateRectRgnIndirect
CreateCompatibleDC
SelectClipRgn
SelectObject
DeleteObject
GetDeviceCaps
DeleteDC
LPtoDP
SetViewportOrgEx
BitBlt
GetStockObject
GetObjectW
CreateCompatibleBitmap

urlmon

RevokeBindStatusCallback
CoGetClassObjectFromURL
CreateURLMoniker
RegisterBindStatusCallback

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4ce797bcc4d0ca5f2563b05def8e68ff

Headers

DLL Characteristics

File Characteristics

Imports

version

user32

ole32

oleaut32

kernel32

advapi32

shlwapi

gdi32

urlmon

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 176KB

.rdata Size: 54KB - Virtual size: 53KB

.data Size: 11KB - Virtual size: 19KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 29KB - Virtual size: 28KB

.text Size: 107KB - Virtual size: 108KB

.text
Size: 176KB - Virtual size: 176KB

.rdata
Size: 54KB - Virtual size: 53KB

.data
Size: 11KB - Virtual size: 19KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 29KB - Virtual size: 28KB

.text
Size: 107KB - Virtual size: 108KB