1430cba840c3c1d1f6c2485fdd42b1e0a3709bf7c058bd01abb094512a23ebfa

Sharing

Copy URL

Twitter E-mail

General

Target

1430cba840c3c1d1f6c2485fdd42b1e0a3709bf7c058bd01abb094512a23ebfa
Size

240KB
MD5

07f058d8132e7516801c192a63f5a4c0
SHA1

aad44584dbf31e8fbf33170c23c1e4c339709767
SHA256

1430cba840c3c1d1f6c2485fdd42b1e0a3709bf7c058bd01abb094512a23ebfa
SHA512

436d0013fffa6852922c8a439c90e0f8315d1c2de1d5f2580aafb1585f00c7db9a151dd08113f0d9ae8978a6826a9fdff6382348963654680f5fc4935c3bed9d
SSDEEP

3072:rvxDi6zZ0nJXq/y1kFxhg0vYLATaAwlprBm8/sodJiT6l4R0ve/7Xq6z3E4mxNAJ:rrSnMysxhZisapV/0odiR0vwRz1mxq

Score

N/A

Malware Config

Signatures

Files

1430cba840c3c1d1f6c2485fdd42b1e0a3709bf7c058bd01abb094512a23ebfa
.dll windows x86

7aaa2ad8f07f1cf2b3cec368f573170b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExA
GetModuleBaseNameA
EnumProcessModules

kernel32

LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
RaiseException
GetFileAttributesA
GetFileTime
InterlockedIncrement
WritePrivateProfileStringA
GetCurrentDirectoryA
GlobalFlags
GetCPInfo
GetOEMCP
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
QueryPerformanceCounter
GetTimeZoneInformation
GetDriveTypeA
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcatA
lstrcmpW
InterlockedDecrement
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
LoadLibraryA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
lstrcpynA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcpyA
FindFirstFileA
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
GetVersion
CompareStringA
lstrcmpiA
CompareStringW
lstrlenA
SetEvent
CreateThread
ExitProcess
CloseHandle
CreateEventA
OpenEventA
GetCurrentProcessId
SetErrorMode
GetWindowsDirectoryA
Sleep
CopyFileA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetModuleFileNameA
GetTickCount
MultiByteToWideChar
OpenProcess
WriteProcessMemory
ReadProcessMemory
GetProcAddress
GetModuleHandleA
GetLastError
VirtualProtect
GetCurrentProcess
RtlUnwind

user32

GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
LoadCursorA
GetDC
ReleaseDC
GetSysColorBrush
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
GetForegroundWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
GetSysColor
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
UnhookWindowsHookEx
PostMessageA
PostQuitMessage
GetMenuState
DestroyMenu
GetMenuItemID
GetWindowTextA
GetMenuItemCount
GetSubMenu
wsprintfA
GetSystemMetrics
SendMessageA
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
CharUpperA
MapVirtualKeyA
keybd_event
SetWindowTextA
SetActiveWindow
ShowWindow
CallWindowProcA
IsWindowVisible
KillTimer
SetTimer
GetKeyState
EnumWindows
GetWindowThreadProcessId
SetWindowLongA
LoadIconA

gdi32

DeleteDC
GetStockObject
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
DeleteObject
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
SetViewportOrgEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegCloseKey

shell32

Shell_NotifyIconA

comctl32

ord17

shlwapi

PathIsUNCA
PathRemoveFileSpecA
PathFindExtensionA
PathFileExistsA
PathStripToRootA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

ws2_32

recv
send

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7aaa2ad8f07f1cf2b3cec368f573170b

Headers

File Characteristics

Imports

psapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

ws2_32

Sections

.text Size: 116KB - Virtual size: 113KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 60KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 20KB - Virtual size: 16KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 60KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 20KB - Virtual size: 16KB

.rmnet
Size: 60KB - Virtual size: 60KB