c84ccbe52ace7dae39510c1a48d3059b506f89e69a462a27f1b75ea2fe841428

Sharing

Copy URL Twitter E-mail

General

Target

c84ccbe52ace7dae39510c1a48d3059b506f89e69a462a27f1b75ea2fe841428
Size

128KB
MD5

a2805ab9836d9c94c2826952e8d26640
SHA1

7bc63802d021da968ac1d772d7334869fd140c1f
SHA256

c84ccbe52ace7dae39510c1a48d3059b506f89e69a462a27f1b75ea2fe841428
SHA512

f5911e06a8446fd232e2b499fcf80b7f268bf1ba079f670179be16693bdfc47e50e1764de8fd91fe1bb4e71e27378a497cb62144a6a48e1a5d71c9093f646bdc
SSDEEP

3072:ZDFkDLmcTMfQusCLBLqtgAT1XzIvuhi6rQcoA/XlBMpxiOUDpXOR:pifmmpusBJ15r1fly6hE

Score

N/A

Malware Config

Signatures

Files

c84ccbe52ace7dae39510c1a48d3059b506f89e69a462a27f1b75ea2fe841428
.dll windows x86

abbc34bb8e02003b4a5bc2051b789a6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrencyFormatA
FileTimeToDosDateTime
GetCPInfoExW
SetLastError
LoadLibraryExA
GetPrivateProfileStringW
_hwrite
FoldStringW
GetCalendarInfoW
RegisterWowExec
SetSystemTime
WriteProfileStringW
GetThreadLocale
GetLogicalDriveStringsW
CopyFileA
GetCurrentProcess
MultiByteToWideChar
CreateFileMappingA
BeginUpdateResourceW
OpenWaitableTimerA
FindNextVolumeA
EnumResourceNamesW
EnumSystemCodePagesW
GetNumberOfConsoleFonts
HeapSummary
GetThreadPriority
FindFirstVolumeW
GlobalMemoryStatus
RtlUnwind
GetFileType
InitializeCriticalSection
IsProcessorFeaturePresent
ConvertDefaultLocale
GetTempFileNameW
ConnectNamedPipe
lstrcmpW
IsBadCodePtr
FindFirstFileW
GetSystemInfo
IsDBCSLeadByteEx
ReadConsoleOutputAttribute
OpenSemaphoreW
BuildCommDCBAndTimeoutsA
GetProcessVersion
GlobalGetAtomNameW
QueryInformationJobObject
VerLanguageNameA
Process32Next
FindNextFileA
SetFileAttributesA
SizeofResource
GetConsoleCommandHistoryLengthA
DefineDosDeviceA
Sleep
GetExitCodeProcess
GetBinaryTypeW
CreateWaitableTimerW
SwitchToThread
GetSystemTime
lstrlenW
DuplicateConsoleHandle
GetModuleHandleA
CompareFileTime
OpenJobObjectW
GetProcessPriorityBoost
QueryDosDeviceA
EnumSystemLocalesW
SetConsoleCursor
GetFileSizeEx
RemoveDirectoryW
WaitForMultipleObjectsEx
QueueUserAPC
GetConsoleDisplayMode
HeapReAlloc
GetDriveTypeW
RequestWakeupLatency
SetTapePosition
TryEnterCriticalSection
GetConsoleAliasExesLengthW
GetHandleInformation
GetConsoleInputWaitHandle
GetTimeFormatA
SetConsoleOutputCP
IsValidLocale
DisconnectNamedPipe
UnregisterWait
TlsFree
SetMailslotInfo
SetUnhandledExceptionFilter
SetFileTime
SetConsolePalette
GetTempFileNameA
GetNumberOfConsoleInputEvents
QueryPerformanceCounter
ReadConsoleOutputCharacterA
SetConsoleCursorPosition
CopyFileExW
FillConsoleOutputCharacterA
SetHandleCount
InvalidateConsoleDIBits
LoadLibraryA
ExpungeConsoleCommandHistoryA
LocalFree
GetCommProperties
VirtualQueryEx
GetEnvironmentVariableW
CreateSemaphoreW
GetThreadSelectorEntry
CallNamedPipeW
RemoveDirectoryA
VerLanguageNameW
OutputDebugStringW
GetOEMCP
WriteProfileStringA
GetVersion
VirtualUnlock
GetProcAddress
GetSystemTimeAdjustment
VirtualAlloc

advapi32

ConvertStringSidToSidW
LsaAddAccountRights
RegSetValueExW
LsaCreateTrustedDomainEx
NotifyChangeEventLog
CreatePrivateObjectSecurity
SystemFunction008
LsaGetQuotasForAccount
LsaStorePrivateData
RegGetKeySecurity
LsaSetSystemAccessAccount
LsaLookupPrivilegeDisplayName
RegSetValueW
LsaQueryTrustedDomainInfo
SystemFunction012
GetExplicitEntriesFromAclA
GetAccessPermissionsForObjectA
CryptDecrypt
InitializeSid
RegCreateKeyW
BuildImpersonateTrusteeW
AccessCheckByTypeAndAuditAlarmW
LsaSetDomainInformationPolicy

comctl32

ImageList_ReplaceIcon
ImageList_SetFilter
FlatSB_EnableScrollBar
InitCommonControlsEx
ImageList_EndDrag
FlatSB_GetScrollPos
FlatSB_ShowScrollBar
ImageList_DrawEx
_TrackMouseEvent
ImageList_Remove
ImageList_LoadImageW
ImageList_Duplicate
ord8
UninitializeFlatSB
ord7
ImageList_Merge
ImageList_Replace
ImageList_Read
CreatePropertySheetPageW
CreatePropertySheetPageA
ImageList_GetImageRect
ord3
ImageList_DragMove
CreateToolbarEx
ImageList_SetImageCount
ImageList_SetBkColor
FlatSB_SetScrollRange
CreateStatusWindowW
ImageList_Create
ord2
ImageList_DragLeave
ImageList_AddMasked
ImageList_AddIcon
ImageList_Destroy
FlatSB_SetScrollProp
FlatSB_GetScrollProp
ord6
ord4
FlatSB_GetScrollInfo
ord17
DestroyPropertySheetPage
PropertySheetA
ImageList_GetIconSize
ImageList_GetIcon
ImageList_Add
ImageList_BeginDrag
FlatSB_GetScrollRange
ord13
ord5
ImageList_SetOverlayImage
InitializeFlatSB
ImageList_Draw
ImageList_DrawIndirect
ImageList_GetBkColor

opengl32

glVertex2fv
glColor4ub
glTexParameterf
glVertex2f
glInterleavedArrays
glIndexs
glMateriali
glNormal3s
glEndList
glGenLists
glDepthRange
glClearIndex
glColor3b
glGenTextures
glIndexd
glVertex2i
glColor3fv
glEvalPoint1
glRasterPos2f
GlmfPlayGlsRecord
glGetMapfv
glColor4sv
glMatrixMode
glMultMatrixd
glCopyTexSubImage2D
glTexCoord3fv
glDrawArrays
glTexCoord1sv
glLightModelf
glMultMatrixf
glScalef

shell32

ExtractIconA
ExtractAssociatedIconExW
SHGetFileInfoW
ShellAboutA
StrRChrIA
FindExecutableW
DragQueryFileA
StrRStrIW
SHEmptyRecycleBinA
ord180
Shell_NotifyIconA
SHGetPathFromIDListA
DragFinish
StrNCmpA
ShellExecuteA
FreeIconList
SHAddToRecentDocs
StrStrW
ord179
SHBrowseForFolderW
StrRStrW
SHFileOperationA
SheChangeDirExW
StrStrIA
StrChrIW
SHGetMalloc
InternalExtractIconListW
StrCmpNIA
SHInvokePrinterCommandW
SHFormatDrive
ExtractAssociatedIconExA
ShellAboutW
SHGetSpecialFolderPathA
InternalExtractIconListA
StrCmpNW
SheSetCurDrive
SHEmptyRecycleBinW
SHGetDataFromIDListW
FindExecutableA
StrRChrW
ShellExecuteExA
StrNCmpIA
DoEnvironmentSubstA
ExtractIconW
SHGetDataFromIDListA
SHUpdateRecycleBinIcon
SHGetInstanceExplorer
ShellExecuteExW
StrChrIA
SHInvokePrinterCommandA
RegenerateUserEnvironment
SHGetDiskFreeSpaceA
SHAppBarMessage
StrChrW
SHFileOperationW
SHChangeNotify
StrRChrIW
CommandLineToArgvW
SHQueryRecycleBinA
StrStrIW
StrRChrA
SHGetFileInfoA
ExtractIconExA
SHBrowseForFolderA
RealShellExecuteA
ExtractIconExW
DoEnvironmentSubstW
WOWShellExecute
RealShellExecuteW
StrRStrA
DragQueryPoint
StrChrA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetPathFromIDListW
CheckEscapesW
SheGetDirA
SHLoadInProc
SHFreeNameMappings
SheChangeDirA
DragQueryFileAorW
DragAcceptFiles
SHQueryRecycleBinW
DragQueryFileW
StrRStrIA
DuplicateIcon
SHGetSpecialFolderPathW
StrNCmpW
RealShellExecuteExW
StrStrA
ExtractAssociatedIconA
RealShellExecuteExA
StrCmpNIW
StrCmpNA
ShellHookProc
ShellExecuteW
SHGetSettings
ExtractAssociatedIconW
Shell_NotifyIconW
StrNCmpIW

shlwapi

PathFileExistsA
PathIsUNCServerW
PathCompactPathW
UrlGetLocationA
PathCombineW
UrlCompareA
UrlIsW
PathRemoveFileSpecA
UrlGetLocationW
StrFormatByteSizeA
SHRegOpenUSKeyW
PathIsDirectoryA
PathRenameExtensionW
StrTrimA
PathBuildRootA
StrCSpnW
PathGetCharTypeW
SHDeleteValueA
PathFindFileNameA
PathIsPrefixA
PathQuoteSpacesA
StrNCatA
PathIsURLA
PathCommonPrefixW
PathFindOnPathA
PathSearchAndQualifyW
PathAddExtensionW
SHRegDeleteUSValueA
StrToIntA
SHQueryInfoKeyA
PathRemoveBackslashA
PathRelativePathToA
PathSearchAndQualifyA
PathIsFileSpecW
PathGetDriveNumberW
SHRegQueryInfoUSKeyW
SHRegGetUSValueA
PathStripPathW
PathMakePrettyA
SHDeleteEmptyKeyW
SHRegEnumUSKeyW
StrCmpIW
SHDeleteEmptyKeyA
PathIsRelativeA
StrCmpW
HashData
PathRemoveBlanksA
PathIsURLW
SHRegSetUSValueA
StrFromTimeIntervalA
IntlStrEqWorkerW
PathRemoveBackslashW
PathIsRootW
StrIsIntlEqualA
SHRegGetBoolUSValueA
StrCSpnIW
PathIsUNCServerShareA
StrToIntW
PathGetArgsW
SHEnumKeyExA
PathCreateFromUrlW
UrlApplySchemeW
PathIsContentTypeA
PathBuildRootW
SHRegDeleteUSValueW
PathFindNextComponentW
PathSetDlgItemPathW
PathIsSameRootW
StrDupA
SHRegCreateUSKeyA
SHDeleteOrphanKeyW
PathMakeSystemFolderW
PathIsUNCA

version

VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoA
VerInstallFileW
VerInstallFileA
VerFindFileW
GetFileVersionInfoSizeA
VerQueryValueA

winmm

DriverCallback
mixerGetDevCapsA
midiInAddBuffer
mmioStringToFOURCCA
waveInClose
mixerGetNumDevs
waveOutReset
midiInOpen
OpenDriver
mmioAdvance
waveInOpen
mixerGetLineControlsA
midiInClose
midiInUnprepareHeader
mixerMessage
mciFreeCommandResource
aux32Message
waveInUnprepareHeader
mci32Message
joyGetDevCapsW
timeGetTime
midiOutPrepareHeader
mixerClose
waveInPrepareHeader
mciSendCommandW
waveInGetErrorTextW
mod32Message
mid32Message
mmioSendMessage
midiInGetErrorTextW
midiOutGetErrorTextW
mmioOpenA
midiInGetID
waveOutGetID
midiOutOpen
waveOutUnprepareHeader
midiOutLongMsg
timeGetSystemTime
mmioOpenW
midiOutShortMsg
midiStreamRestart
mixerSetControlDetails
mciSetYieldProc
mmTaskCreate
mmioFlush
mciGetErrorStringW
joySetThreshold
waveOutGetPitch
midiStreamPosition
mciGetDeviceIDA
midiInMessage
waveInStart
DefDriverProc
auxGetNumDevs
midiConnect
mmioRenameW
mmsystemGetVersion
midiOutGetDevCapsA
SendDriverMessage
mmioInstallIOProcW
waveInGetDevCapsA
waveInGetErrorTextA
midiInGetNumDevs
wod32Message
mciGetYieldProc
auxSetVolume
auxGetDevCapsA
waveInGetID
mmTaskBlock
midiStreamProperty
waveOutMessage
mmioSeek
waveOutClose
midiStreamOpen
waveOutPause
waveOutSetVolume
timeBeginPeriod
mciGetCreatorTask
mmioSetInfo
waveOutGetPosition
waveOutSetPitch
sndPlaySoundW
mmTaskYield
GetDriverModuleHandle
mciGetDeviceIDW
WOWAppExit
mciLoadCommandResource
waveOutGetErrorTextA
mciSendCommandA
mmioInstallIOProcA
joy32Message
joyGetNumDevs
midiOutSetVolume
midiOutUnprepareHeader
joyConfigChanged
midiOutCacheDrumPatches
waveInAddBuffer
tid32Message
mmioStringToFOURCCW
waveOutGetDevCapsA
mciDriverNotify
waveInGetNumDevs
joyGetPos
midiOutGetDevCapsW
midiOutMessage
NotifyCallbackData
joyGetThreshold
joySetCapture
mmioSetBuffer
mciSetDriverData
mmioAscend
mciExecute
mmioRenameA
waveOutSetPlaybackRate
waveOutPrepareHeader

winspool.drv

OpenPrinterA
QuerySpoolMode
GetPrintProcessorDirectoryW
DeletePortA
GetPrinterA
ord205
EnumPortsA
ConfigurePortW
DeletePrinterIC
SpoolerPrinterEvent
StartPagePrinter
QueryColorProfile
EnumFormsW
EnumJobsW
DeletePrinterDriverExW
DeletePrinterDataExA
EnumPrinterKeyA
OpenPrinterW
ord213
AddFormW
DevQueryPrintEx
FindClosePrinterChangeNotification
GetPrinterDriverDirectoryA
AddPrintProvidorA
DeletePrinterDriverW
DeleteFormA
SetPrinterDataA
SetFormA
AddPrintProcessorW
AdvancedDocumentPropertiesW
ScheduleJob
GetSpoolFileHandle
DeleteMonitorA
StartDocPrinterW
EnumPrintersW
GetPrinterDataW
AddPrintProvidorW
DocumentPropertiesW
ClosePrinter
SplDriverUnloadComplete
DeletePrinterDataW
SetJobA
FindNextPrinterChangeNotification
ConfigurePortA
AddPortW
EnumPrintersA
ADVANCEDSETUPDIALOG
DeleteFormW
GetFormW
EXTDEVICEMODE
SetPrinterDataExA
DeletePrinterKeyA
EnumPrinterDataExA
AddJobA
DeletePrinter
AddPrinterA
ConvertAnsiDevModeToUnicodeDevmode
DocumentEvent
DocumentPropertySheets
StartDocDlgA
EnumJobsA
ord101
DeletePrinterDriverExA
DeletePrinterKeyW
DeletePrinterConnectionA
SetPortA
SpoolerDevQueryPrintW
ord204

msvcrt

_mbsnicoll
_memccpy
_lrotr
_unlink
__badioinfo
__p___argc
_HUGE
_setjmp3
__p__winminor
ferror
_strtime
_fdopen
fopen
_strnicmp
free
_isctype
_wexeclpe
memset
isprint
wcscmp
__unDName
_getpid
__crtGetLocaleInfoW
_ismbbalpha
_mbsninc
_ismbbtrail
_wcsicoll
fwrite
asin
tan
_getsystime
ftell
sprintf
_rotr
fputc
_ismbcalnum
fclose
fwprintf
fread
fputs
_atoi64
wcstoul
isspace
memcmp
swscanf
fprintf
_execl
fseek
_wspawnvpe
fsetpos
_wexecve
feof
strchr
_loaddll
_putenv
iswupper
printf

Exports

Exports

Bkudz
Znyx

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abbc34bb8e02003b4a5bc2051b789a6c

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

opengl32

shell32

shlwapi

version

winmm

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 52KB - Virtual size: 49KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 52KB - Virtual size: 49KB

.reloc
Size: 8KB - Virtual size: 6KB