993e4b21e5c6b3ec9472186e47da5af321c8564ce95d3fc2090168186476e916

Sharing

Copy URL Twitter E-mail

General

Target

993e4b21e5c6b3ec9472186e47da5af321c8564ce95d3fc2090168186476e916
Size

555KB
MD5

0d5c547dd45154a90ab8336e5c3826b6
SHA1

94ca3e30b012d43f83bd7abeb80174a6742b7313
SHA256

993e4b21e5c6b3ec9472186e47da5af321c8564ce95d3fc2090168186476e916
SHA512

aeb8c0ecdce5678ecdaff143c2cbc1fe2b3b80986ddf4dafaf5f5286abddf40480dc0c8fb88d540278c3d8b314fb18146526b01f39e0b60363b73bf8df4b749b
SSDEEP

12288:RyqgcrD435oCGZ7rqhR4CaPyEc8B+XLEqIeX6gAy/H:RL4SrZoRvaPyVXMeBAGH

Score

N/A

Malware Config

Signatures

Files

993e4b21e5c6b3ec9472186e47da5af321c8564ce95d3fc2090168186476e916
.dll windows x86

a654a29e2f99af5247506fac6ee4864b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCrackUrlW

shlwapi

PathAppendW
PathFileExistsW
PathRemoveFileSpecW

urlmon

URLDownloadToCacheFileW

kernel32

LoadLibraryExW
GetModuleFileNameW
InterlockedIncrement
LoadLibraryW
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
Sleep
OutputDebugStringW
SetLastError
lstrcpyW
CompareStringW
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetModuleHandleA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetLastError
LCMapStringA
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
HeapCreate
ExitProcess
GetModuleFileNameA
GetStdHandle
WriteFile
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GlobalAddAtomA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcessHeap
HeapFree
lstrlenA
RaiseException
lstrcmpiW
FreeLibrary
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
CloseHandle
ReadFile
GetFileSize
CreateFileW
VirtualQuery
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
lstrlenW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
CompareStringA
SetEnvironmentVariableA
SetHandleCount

user32

FillRect
OffsetRect
DrawTextW
ReleaseDC
GetDC
GetWindowTextLengthW
CreateWindowExW
LoadCursorW
GetClassNameW
ScreenToClient
GetCapture
SetCursor
PtInRect
InvalidateRect
EndPaint
BeginPaint
DestroyIcon
SetRectEmpty
DestroyWindow
CreateDialogParamW
EndDialog
DialogBoxParamW
GetActiveWindow
SetCapture
UpdateWindow
IsWindowEnabled
CheckRadioButton
IsDlgButtonChecked
DispatchMessageW
TranslateMessage
PeekMessageW
GetCursorPos
IsWindow
CheckDlgButton
GetDlgCtrlID
SendMessageW
CallWindowProcW
DefWindowProcW
SetWindowLongW
SetActiveWindow
GetSysColor
GetDlgItemTextW
SetFocus
EnumChildWindows
GetWindowTextW
SetWindowTextW
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
MessageBoxW
GetDlgItem
EnableWindow
SetDlgItemTextW
CharNextW
SetTimer
PostMessageW
KillTimer
UnregisterClassA
GetFocus
DrawFocusRect
FindWindowW
ReleaseCapture

gdi32

GetObjectW
GetStockObject
CreateSolidBrush
SetBkMode
DeleteObject
SetTextColor
CreateFontIndirectW
SelectObject

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegCloseKey

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

oleaut32

VariantInit
VariantClear
SysStringLen
SysAllocStringByteLen
VarUI4FromStr
VarBstrCmp
SysAllocString
SysFreeString

comctl32

ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ImageList_Create
ImageList_Destroy
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_DragEnter
_TrackMouseEvent
ImageList_BeginDrag

Exports

Exports

GetDownloadManager
IsUnicode
PlugCreate
PlugInit
PlugInvoke
PlugTerm

Sections

.text
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 195KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a654a29e2f99af5247506fac6ee4864b

Headers

File Characteristics

Imports

wininet

shlwapi

urlmon

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Exports

Exports

Sections

.text Size: 250KB - Virtual size: 250KB

.rdata Size: 61KB - Virtual size: 60KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 20KB - Virtual size: 20KB

.text Size: 195KB - Virtual size: 196KB

.text
Size: 250KB - Virtual size: 250KB

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 20KB - Virtual size: 20KB

.text
Size: 195KB - Virtual size: 196KB