1ab14eb562d841763d46d486f4b8d71d871b3acd89249ef8fc3a25f3118a14ad

Sharing

Copy URL Twitter E-mail

General

Target

1ab14eb562d841763d46d486f4b8d71d871b3acd89249ef8fc3a25f3118a14ad
Size

1020KB
MD5

04b36766f7f4d9e6a9ee8b93c3b089f0
SHA1

518219d03b3e6f2ce1c8318165555eb2ca584730
SHA256

1ab14eb562d841763d46d486f4b8d71d871b3acd89249ef8fc3a25f3118a14ad
SHA512

5e230ce8714b515a575b2ef7dca9f33d82806063153ba8cac02736190c5819e7c969240cf1cd61cd7cf684e70ea2fcac000a3bcbd5d3b136d4453de1b8c89016
SSDEEP

24576:SipFXnTPLVQ7HMaDk6HMM8IiFXlelVLI:1XTPLVaMaDjCplL

Score

N/A

Malware Config

Signatures

Files

1ab14eb562d841763d46d486f4b8d71d871b3acd89249ef8fc3a25f3118a14ad
.dll windows x86

1ddd4b01e0d55642fcc1538421f50f7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
InitializeCriticalSection
GlobalAlloc
MulDiv
lstrcmpW
GlobalUnlock
FlushInstructionCache
RaiseException
GetLastError
SetLastError
DeleteCriticalSection
GetCurrentThreadId
lstrlenA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
GetCurrentProcess
MultiByteToWideChar
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
ExitProcess
Sleep
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
CloseHandle
CreateEventW
ResetEvent
EnterCriticalSection
lstrlenW
GetModuleFileNameW
LeaveCriticalSection
LCMapStringA
SetEvent
GetStdHandle
WriteFile
HeapReAlloc
HeapDestroy
HeapCreate
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
GetModuleHandleA
InterlockedCompareExchange

user32

ScreenToClient
UnregisterClassA
MoveWindow
GetWindow
DefWindowProcW
CallWindowProcW
UpdateWindow
SendMessageW
IsWindowVisible
ReleaseCapture
CreateWindowExW
IsWindow
ShowWindow
SetLayeredWindowAttributes
GetCursorPos
SetWindowPos
GetSysColor
GetDesktopWindow
RedrawWindow
SetWindowLongW
GetDlgItem
ReleaseDC
GetClassNameW
GetWindowLongW
InvalidateRect
RegisterClassExW
GetDC
GetClassInfoExW
BeginPaint
GetWindowTextLengthW
GetMessageW
RegisterWindowMessageW
TranslateMessage
GetWindowTextW
MonitorFromWindow
MapWindowPoints
SetFocus
GetMonitorInfoW
DispatchMessageW
EndPaint
ClientToScreen
DestroyWindow
UpdateLayeredWindow
DestroyAcceleratorTable
SetWindowTextW
GetWindowRect
CharNextW
FillRect
IsChild
SetCapture
PostMessageW
GetFocus
GetParent
InvalidateRgn
LoadCursorW
GetClientRect
CreateAcceleratorTableW

gdi32

DeleteDC
GetDeviceCaps
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
GetStockObject
CreateSolidBrush
BitBlt

ole32

OleUninitialize
OleInitialize
CoInitialize
CoTaskMemAlloc
CoGetClassObject
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoCreateInstance

oleaut32

OleCreateFontIndirect
SysAllocStringLen
SysAllocString
SysFreeString
DispCallFunc
SysStringLen
VariantClear
LoadTypeLi
VariantInit
LoadRegTypeLi
VarBstrCmp

shlwapi

PathFindFileNameW

gdiplus

GdipCloneBrush
GdipAlloc
GdipDisposeImage
GdipDeleteBrush
GdipFree
GdipDeletePath
GdipCreateHBITMAPFromBitmap
GdipFillPath
GdipCloneImage
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipSetPathGradientPresetBlend
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipSetClipRectI
GdipCreatePathGradientFromPath
GdipGetImageGraphicsContext
GdipClosePathFigure
GdipAddPathLineI
GdipAddPathArcI

Exports

Exports

CreateInstance

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 790KB - Virtual size: 789KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1ddd4b01e0d55642fcc1538421f50f7e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

shlwapi

gdiplus

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 10KB - Virtual size: 17KB

.rsrc Size: 790KB - Virtual size: 789KB

.reloc Size: 16KB - Virtual size: 15KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 10KB - Virtual size: 17KB

.rsrc
Size: 790KB - Virtual size: 789KB

.reloc
Size: 16KB - Virtual size: 15KB

.rmnet
Size: 56KB - Virtual size: 60KB