a892ccc321ee4c5adfada3634eb53406ec4656c8696b484949f4208330407add

Sharing

Copy URL Twitter E-mail

General

Target

a892ccc321ee4c5adfada3634eb53406ec4656c8696b484949f4208330407add
Size

825KB
MD5

91c2725d2fe2e5559da4599874720fc0
SHA1

6ff9d99b00dd40421f8cb9ecad2b77665af33110
SHA256

a892ccc321ee4c5adfada3634eb53406ec4656c8696b484949f4208330407add
SHA512

5eab1c408e8cbfd97335db459a77634e5a4d83fafea4083c2ab0a07714fcce9e5b4735d1832870b219bffc45c11d0edc8fd94aed5ccc43012bfbdd2c93675a5d
SSDEEP

12288:Q7spxE4e3mhl2sX/WMQBPrHXEFLztBBxGeUwH8nVZGMya2I5CATAFU9M1rYbyxKs:QoRMeUS+ZX2sCATDm1rYWVeKENVr+

Score

N/A

Malware Config

Signatures

Files

a892ccc321ee4c5adfada3634eb53406ec4656c8696b484949f4208330407add
.dll windows x86

f082d681aaa74a5ade1a617016d921e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_ntoa
WSASend
send
WSARecv
recv
getpeername
ntohs
WSAGetLastError
WSAGetOverlappedResult
closesocket

wininet

HttpSendRequestA
HttpSendRequestW
InternetReadFile
InternetCloseHandle
InternetOpenUrlA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
FindCloseUrlCache
HttpQueryInfoA
InternetQueryOptionA
InternetCrackUrlA
InternetOpenA

shlwapi

StrStrIA

kernel32

ExitProcess
LCMapStringW
LocalFree
GetProcessHeap
SetEndOfFile
CreateFileW
SetStdHandle
WriteConsoleW
HeapReAlloc
InterlockedExchange
FreeLibrary
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
LoadLibraryW
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsValidCodePage
GetOEMCP
CloseHandle
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SetEvent
GetModuleHandleA
Sleep
CreateThread
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
CreateFileA
GetTempPathA
GetCurrentThreadId
GetProcAddress
LoadLibraryA
WideCharToMultiByte
GetCurrentThread
HeapSize
CreateEventA
lstrlenW
GetModuleFileNameA
ResetEvent
WaitForMultipleObjects
MultiByteToWideChar
GetLastError
ReadFile
WriteFile
GetFileSize
SetFilePointer
lstrlenA
lstrcatA
lstrcpynA
CreateDirectoryA
lstrcpyA
GetTickCount
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
ReleaseMutex
CreateMutexA
VirtualQuery
HeapCreate
VirtualProtect
ResumeThread
FlushInstructionCache
GetThreadContext
SetThreadContext
SuspendThread
VirtualAlloc
SetLastError
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
GetConsoleCP
GetConsoleMode
SetUnhandledExceptionFilter
InterlockedCompareExchange
TlsAlloc
IsProcessorFeaturePresent
GetLocaleInfoW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
GetFileType
SetHandleCount
GetModuleFileNameW
GetStdHandle
GetCommandLineA
HeapAlloc
HeapFree
ExitThread
RaiseException
FatalAppExitA
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
HeapDestroy
DecodePointer
EncodePointer
RtlUnwind

user32

DispatchMessageA
MessageBoxA
BringWindowToTop
SetForegroundWindow
DefWindowProcA
CreateWindowExA
GetMessageA
RegisterClassExA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoCreateInstance
OleRun
CoInitialize
CoUninitialize

oleaut32

SafeArrayCreateVector
SafeArrayPutElement
SafeArrayDestroy
SysAllocString
SysAllocStringLen
SysFreeString
SetErrorInfo
VariantInit
VariantClear
VariantChangeType
GetErrorInfo
CreateErrorInfo

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

isVideoFlash
onGetItBtnClicked
onGetItBtnClicked2
onGetItBtnClicked3
onHttpDialogClosed
onHttpDialogDataReceived
onNewHttpDialog
onNewHttpRequest

Sections

.text
Size: 464KB - Virtual size: 464KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 217KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f082d681aaa74a5ade1a617016d921e7

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

wininet

shlwapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

version

Exports

Exports

Sections

.text Size: 464KB - Virtual size: 464KB

.rdata Size: 110KB - Virtual size: 109KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 23KB - Virtual size: 22KB

.text Size: 217KB - Virtual size: 220KB

.text
Size: 464KB - Virtual size: 464KB

.rdata
Size: 110KB - Virtual size: 109KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 23KB - Virtual size: 22KB

.text
Size: 217KB - Virtual size: 220KB