31b27e8093951b246a5f4ff270e4ac9a9861829acd59af30f726bbb3e3b39579

Sharing

Copy URL Twitter E-mail

General

Target

31b27e8093951b246a5f4ff270e4ac9a9861829acd59af30f726bbb3e3b39579
Size

136KB
MD5

30c1a1690c4a04f1c1f5a7c9decb2d70
SHA1

2f0d1b8754f08bc238152af59fb7be82a04c8e04
SHA256

31b27e8093951b246a5f4ff270e4ac9a9861829acd59af30f726bbb3e3b39579
SHA512

deff51af4d96a5dfeb2dd37b13a934d10feba7ca5bcee67a3bb6aa6a6c6555a83aa085d12d6e4f1af7a66faadd30ac81d954e2227471776d07427d652c70cf16
SSDEEP

1536:7EBXOGn9+TvGMT4go2iGinJeBnDxvU71CTtJD240+iMbhymtina0x/5W/:7EBeOQTzZhiJeBn6p2Jy40AsmtOx/5W

Score

N/A

Malware Config

Signatures

Files

31b27e8093951b246a5f4ff270e4ac9a9861829acd59af30f726bbb3e3b39579
.dll windows x86

200151bc7162136ae48b248d429a0585

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetFileSize
GetFileTime
lstrcatA
GetVersion
LocalAlloc
TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
TlsFree
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentThreadId
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
SetLastError
GlobalGetAtomNameA
FreeLibrary
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
RaiseException
GetACP
HeapSize
HeapReAlloc
ExitProcess
TerminateProcess
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcmpA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalFree
GetModuleFileNameA
lstrcmpiA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
GetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetSystemInfo
GetVersionExA
lstrlenA
GetPrivateProfileSectionA
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
CreateFileA
WriteFile
CloseHandle
GetWindowsDirectoryA
SetFileAttributesA
TerminateThread
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateThread
GetTickCount
Sleep
LoadLibraryA
GlobalAddAtomA
GetProcAddress

user32

GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetSubMenu
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetKeyState
CallNextHookEx
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
UnhookWindowsHookEx
LoadStringA
CharUpperA
GetMenuItemID
wsprintfA
GetSystemMetrics
PeekMessageA

advapi32

RegQueryValueExA
RegOpenCurrentUser
RegCloseKey
RegOpenKeyExA
RegSetValueExA
OpenProcessToken
DuplicateTokenEx
ImpersonateLoggedOnUser
SetServiceStatus

shell32

ShellExecuteA

comctl32

ord17

wininet

InternetSetOptionA
HttpQueryInfoA
InternetCloseHandle
InternetReadFile
InternetAttemptConnect

iphlpapi

GetAdaptersInfo

shlwapi

PathIsURLA

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
SetViewportOrgEx
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
GetClipBox
SetTextColor
SetMapMode
CreateBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
ScaleWindowExtEx
SetBkColor
GetObjectA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

comdlg32

GetFileTitleA

Exports

Exports

ServiceMain

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

200151bc7162136ae48b248d429a0585

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

comctl32

wininet

iphlpapi

shlwapi

gdi32

winspool.drv

comdlg32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 16KB - Virtual size: 41KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 16KB - Virtual size: 41KB

.reloc
Size: 12KB - Virtual size: 10KB