05a7bc5009e306f9692a81952358e56b8bc66325ce1f4d446351ca8b4edb930c

Sharing

Copy URL Twitter E-mail

General

Target

05a7bc5009e306f9692a81952358e56b8bc66325ce1f4d446351ca8b4edb930c
Size

425KB
MD5

81b18ab67d8c57c65d5c6ca7514c1521
SHA1

b2a6bbf0439e959b04135a4ec33947f1b7ec124b
SHA256

05a7bc5009e306f9692a81952358e56b8bc66325ce1f4d446351ca8b4edb930c
SHA512

f4ec4c4323fc4005f07872727dde834987ec2770a3b4d3fded0e2c8ab4960374366f522a1162a300a4baffdfd91db316b8542e38c397c47525e59664b2428615
SSDEEP

12288:b8MC7SyycbV9CrRI9kuQacITq1ckHzWJqZ:b8ZVycr8RI9kaNq1ckHy

Score

N/A

Malware Config

Signatures

Files

05a7bc5009e306f9692a81952358e56b8bc66325ce1f4d446351ca8b4edb930c
.dll windows x86

b3e08fceaefda6957e403f7cc0c84ed3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
ControlService
CreateProcessAsUserW
DuplicateTokenEx
FreeSid
GetUserNameW
InitializeSecurityDescriptor
LookupPrivilegeValueW
OpenProcessToken
OpenSCManagerW
OpenServiceW
QueryServiceStatusEx
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorSacl
SetTokenInformation
StartServiceW

user32

BringWindowToTop
CopyRect
CreateDialogParamW
CreateWindowExW
DestroyWindow
DialogBoxParamW
EnableWindow
EndDialog
ExitWindowsEx
GetClientRect
GetDesktopWindow
GetDlgItem
GetDlgItemTextW
GetParent
GetSystemMetrics
wsprintfW
ShowWindow
SetWindowTextW
SetWindowPos
SetTimer
SetForegroundWindow
SetDlgItemTextW
SetActiveWindow
SendMessageW
PostMessageW
OffsetRect
MessageBoxW
LoadStringW
LoadImageW
KillTimer
IsWindow
GetWindowRect

wininet

InternetCloseHandle
InternetConnectW
InternetOpenW
InternetQueryDataAvailable
HttpSendRequestW
InternetReadFile
InternetSetOptionW
InternetSetStatusCallbackW
HttpQueryInfoW
HttpOpenRequestW
InternetQueryOptionW
HttpAddRequestHeadersA

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shell32

ShellExecuteW
ShellExecuteExW
SHGetFolderPathW
SHCreateDirectoryExW
CommandLineToArgvW

shlwapi

PathCompactPathExW

ole32

CoUninitialize
CoInitializeEx

gdi32

SetBkColor
CreateSolidBrush

kernel32

WriteConsoleA
WideCharToMultiByte
WaitNamedPipeW
WaitForSingleObject
WaitForMultipleObjects
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateThread
TerminateProcess
WriteConsoleW
SetUnhandledExceptionFilter
SetStdHandle
SetLastError
SetHandleCount
SetFilePointer
SetEvent
SetErrorMode
SetEnvironmentVariableA
SetEndOfFile
SearchPathW
RtlUnwind
ResetEvent
ReleaseMutex
ReadFile
RaiseException
QueryPerformanceCounter
Process32NextW
Process32FirstW
OutputDebugStringW
OpenProcess
OpenMutexW
OpenEventA
MultiByteToWideChar
MoveFileW
MoveFileExW
LocalFree
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidLocale
IsValidCodePage
IsDebuggerPresent
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
WriteFile
SystemTimeToFileTime
AllocConsole
CancelIo
CloseHandle
CompareStringA
CompareStringW
CopyFileW
CreateEventA
CreateEventW
CreateFileA
CreateMutexW
CreateProcessW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileW
DisconnectNamedPipe
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExW
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapCreate

rpcrt4

UuidToStringW
UuidFromStringW
UuidCreate
RpcStringFreeW

Exports

Exports

List_GetItem
List_Insert
ParseTuple
convert_from_time_t
get_x_offset_microns

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3e08fceaefda6957e403f7cc0c84ed3

Headers

File Characteristics

Imports

advapi32

user32

wininet

version

shell32

shlwapi

ole32

gdi32

kernel32

rpcrt4

Exports

Exports

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 267KB - Virtual size: 267KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 267KB - Virtual size: 267KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 3KB