5add1180acd51182d5926ffca755bd57d93e4ec8ed0acdab6834f458e13f0b3d

Sharing

Copy URL Twitter E-mail

General

Target

5add1180acd51182d5926ffca755bd57d93e4ec8ed0acdab6834f458e13f0b3d
Size

187KB
MD5

832cf2fb443ecff9d442519558296250
SHA1

9d1cf18801b196f1d576b1f7a82965f3fcd2fd26
SHA256

5add1180acd51182d5926ffca755bd57d93e4ec8ed0acdab6834f458e13f0b3d
SHA512

709592f1487c5fdaa06abdef3eb5ad0a3eba4b100f4feefcf607957fcef44fbafea9ced818ff952faae978f3569646cceceb35691279f14583f905fa27851cd5
SSDEEP

3072:pWTXmx3HCqhgMYLwr7MDBrMMHMcoJKBUphYZU+Mhqy5xy18PF51zq7Rm2Xygr/PG:Ec3DhewcDBrBMRQ6fjhqOD1z+ZXnT1w

Score

N/A

Malware Config

Signatures

Files

5add1180acd51182d5926ffca755bd57d93e4ec8ed0acdab6834f458e13f0b3d
.dll windows x86

e5a7f291466506a74aa8c39ed6a993aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW

kernel32

GetProcessHeap
GetCurrentProcessId
GetTickCount
SetThreadIdealProcessor
VirtualAlloc
VirtualFree
VirtualProtect
SystemTimeToFileTime
FileTimeToSystemTime
GetEnvironmentVariableW
CreateDirectoryW
GetFileAttributesW
MoveFileExW
GlobalFree
RaiseException
LoadResource
LockResource
FindResourceExW
CreateFileW
FlushInstructionCache
GetProcessAffinityMask
SetFilePointerEx
GetFileSizeEx
GetLocalTime
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPriorityClass
SetPriorityClass
IsProcessorFeaturePresent
GetUserDefaultUILanguage
IsDebuggerPresent
SetLastError
InitializeCriticalSection
GetSystemInfo
GetTempPathW
lstrlenW
GetProcessTimes
SetThreadExecutionState
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryA
GetSystemDirectoryA
GetComputerNameExW
UnregisterWaitEx
RegisterWaitForSingleObject
CreateProcessW
SignalObjectAndWait
OutputDebugStringW
GetWindowsDirectoryW
FindFirstFileW
FindClose
ReadFile
GetSystemTimeAsFileTime
SetEndOfFile
GetFileTime
SizeofResource
FindResourceW
GetFileAttributesExW
DosDateTimeToFileTime
SetFilePointer
TlsAlloc
TlsFree
GetThreadLocale
SetThreadLocale
LoadLibraryExW
MulDiv
lstrcmpiW
GetCPInfo
GetCommandLineA
GetVersionExA
RtlUnwind
GetModuleHandleA
VirtualQuery
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapSize
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
TlsGetValue
TlsSetValue
FreeLibrary
GetTempFileNameW
LoadLibraryW
GetProcAddress
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
SetThreadPriority
GetCurrentThread
GetThreadPriority
Sleep
WaitForMultipleObjects
TryEnterCriticalSection
OpenEventW
ReleaseMutex
OpenMutexW
CreateMutexW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
GetLastError
LocalAlloc
GetVersionExW
SetThreadAffinityMask
LocalFree
InitializeCriticalSectionAndSpinCount
RemoveDirectoryW
FindNextFileW
DeleteFileW
SetFileAttributesW
WritePrivateProfileStringW
GetPrivateProfileStringW
CopyFileW
QueueUserWorkItem
FreeResource
DeleteCriticalSection
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
CreateSemaphoreW
SetEvent
ResetEvent
CreateEventW
CloseHandle
CreateThread
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
GetModuleFileNameW
GetModuleHandleW
ResumeThread
HeapFree
HeapReAlloc
GlobalAlloc
GlobalUnlock
GlobalSize
GlobalLock
GetSystemTime
HeapAlloc
GetProcessHeap
WriteFile

gdi32

DeleteObject
SelectObject
StretchBlt
GetDIBColorTable
SetDIBColorTable
GetObjectW
GetStockObject
RemoveFontMemResourceEx
CreateDIBSection
DeleteDC
Rectangle
CreateSolidBrush
SetWindowOrgEx
SetViewportOrgEx
LPtoDP
GetDeviceCaps
CreateDCW
CreateRectRgnIndirect
SetMapMode
SaveDC
RestoreDC
GdiFlush
BitBlt
GetGlyphOutlineW
CreateFontW
AddFontMemResourceEx
CreateCompatibleDC

user32

ToUnicode
GetMessageExtraInfo
ScreenToClient
TrackMouseEvent
CreateWindowExW
ShowWindow
UpdateWindow
CharNextW
UnionRect
IntersectRect
OffsetRect
RegisterClassExW
IsDialogMessageW
GetClassInfoExW
GetKeyState
IsChild
SetWindowRgn
GetWindowDC
UnregisterClassA
CallWindowProcW
GetPropW
EndDialog
DialogBoxIndirectParamW
DefWindowProcW
SystemParametersInfoW
HideCaret
GetDlgItem
GetDlgCtrlID
GetParent
IsDlgButtonChecked
WindowFromPoint
IsWindow
MsgWaitForMultipleObjects
GetMonitorInfoW
MonitorFromWindow
CheckDlgButton
EnableWindow
EndPaint
TrackPopupMenu
MapWindowPoints
GetClientRect
GetWindowRect
GetActiveWindow
EqualRect
PtInRect
MessageBoxW
GetSysColor
SetRect
ClientToScreen
DialogBoxParamW
NotifyWinEvent
UnregisterClassW
GetCaretBlinkTime
GetDoubleClickTime
GetSystemMetrics
GetFocus
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
EmptyClipboard
MsgWaitForMultipleObjectsEx
ReleaseCapture
SetCapture
DestroyWindow
GetDesktopWindow
SetFocus
SetCursor
WindowFromDC
InvalidateRect
DestroyMenu
RegisterClassW
LoadCursorW
SetRectEmpty
TranslateMessage
PeekMessageW
DispatchMessageW
CharLowerBuffW
GetCursorPos
SetPropW
GetSubMenu
RemoveMenu
SetMenuItemInfoW
LoadMenuIndirectW
KillTimer
SetWindowTextW
SetTimer
BeginPaint
SetClipboardData
GetKeyboardLayout
PostMessageW
FindWindowW
RegisterWindowMessageW
PostThreadMessageW
GetWindowLongW
SetWindowLongW
GetForegroundWindow
EnumDisplayDevicesW
SendMessageW
SetWindowPos
GetDC
ReleaseDC
GetKeyboardState
RemovePropW
GetWindowTextW
GetWindow

shell32

ShellExecuteExW
ShellExecuteW
SHFileOperationW
SHGetFolderPathW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

comctl32

InitCommonControlsEx

ole32

CoCreateInstance
OleRegGetMiscStatus
OleSaveToStream
OleLoadFromStream
OleRegEnumVerbs
OleRegGetUserType
WriteClassStm
CoTaskMemRealloc
CreateOleAdviseHolder
StringFromGUID2
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CreateBindCtx
CreateStreamOnHGlobal
CoInitialize
CoGetMalloc

shlwapi

PathCombineW
StrCmpIW
PathAppendW
PathIsRelativeW
PathFindExtensionW
UrlUnescapeW
UrlCreateFromPathW
PathCreateFromUrlW
PathRemoveFileSpecW

oleacc

LresultFromObject

pdh

PdhGetFormattedCounterValue
PdhCollectQueryData
PdhAddCounterW
PdhMakeCounterPathW
PdhLookupPerfNameByIndexW
PdhCloseQuery
PdhOpenQueryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

timeGetDevCaps
timeEndPeriod
timeBeginPeriod
timeGetTime

crypt32

CertVerifyCertificateChainPolicy

setupapi

SetupIterateCabinetW

oleaut32

DispGetIDsOfNames
DispGetIDsOfNames
VarUI4FromDec
SetErrorInfo

Sections

.text
Size: 112KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5a7f291466506a74aa8c39ed6a993aa

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

shell32

comdlg32

comctl32

ole32

shlwapi

oleacc

pdh

version

winmm

crypt32

setupapi

oleaut32

Sections

.text Size: 112KB - Virtual size: 132KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 62KB - Virtual size: 62KB

.reloc Size: 512B - Virtual size: 276B

.text
Size: 112KB - Virtual size: 132KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 62KB - Virtual size: 62KB

.reloc
Size: 512B - Virtual size: 276B