9f4703f71d08d356e543627ade7a346203d1f7829e8b1cd2dd4986e339fcb999

Sharing

Copy URL

Twitter E-mail

General

Target

9f4703f71d08d356e543627ade7a346203d1f7829e8b1cd2dd4986e339fcb999
Size

565KB
MD5

06f21ade486bcf5d9b6cee0942533b20
SHA1

3593ab042513f080dd8a5bc1e0d6f896bc849a90
SHA256

9f4703f71d08d356e543627ade7a346203d1f7829e8b1cd2dd4986e339fcb999
SHA512

54aa9f11dedc51c1148bcde45d71386c2766ba79bd3ad4ebee870973957938028c2334ae904aca61d7f803661a518bdd69836798e0444c843518b7c062ee924d
SSDEEP

12288:gN5zT81Z1GVUbfwRflTErY1xDCWGrxoS0bCUWh:g7zuZY+bfwRflTEk1xD7Yfh

Score

N/A

Malware Config

Signatures

Files

9f4703f71d08d356e543627ade7a346203d1f7829e8b1cd2dd4986e339fcb999
.dll windows x86

e658411091bfd762b5b17af652f50557

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventW
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
LoadLibraryA
VirtualFree
VirtualAlloc
GetCommandLineA
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WaitForSingleObject
WriteFile
OutputDebugStringA
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
Sleep
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CreateFileA
FlushFileBuffers
CreateActCtxW
SearchPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnmapViewOfFile
CreateFileW
CreateFileMappingW
MapViewOfFile
ActivateActCtx
DeactivateActCtx
InterlockedCompareExchange
EnumUILanguagesW
CloseHandle
HeapFree
GetProcessHeap
HeapAlloc
lstrcmpW
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
LocalFree
FormatMessageW
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
LoadLibraryW
GetProcAddress
MulDiv
FindResourceExW
LockResource
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GetModuleHandleW
ReleaseActCtx
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetLastError
LeaveCriticalSection
EnterCriticalSection
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
InterlockedExchange
GetVersionExW
GetModuleFileNameW

user32

MessageBoxW
SetForegroundWindow
IsIconic
GetForegroundWindow
SetRect
InsertMenuW
LoadStringW
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
UnregisterClassA
IsChild
GetCaretPos
GetClassInfoExW
RemoveMenu
SetScrollInfo
DeleteMenu
GetCapture
SetCursor
GetWindowDC
SystemParametersInfoW
DrawEdge
ReleaseCapture
SetCapture
UpdateWindow
CreateDialogParamW
SetRectEmpty
CreatePopupMenu
LoadCursorW
DrawTextW
RegisterClassExW
SetDlgItemTextW
GetMenuItemCount
GetKeyState
GetDesktopWindow
GetScrollPos
GetUpdateRect
IsWindowVisible
PtInRect
BeginPaint
GetSysColor
FillRect
EndPaint
ClientToScreen
GetWindowRect
SetWindowPos
GetDC
ReleaseDC
GetSystemMetrics
LoadAcceleratorsW
GetParent
EnableWindow
GetFocus
TranslateAcceleratorW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
EndDialog
ShowWindow
LoadMenuW
EnableMenuItem
GetSubMenu
TrackPopupMenuEx
DestroyMenu
CheckMenuItem
GetActiveWindow
DialogBoxParamW
PostMessageW
GetMessagePos
DefWindowProcW
GetWindowLongW
CallWindowProcW
GetDlgItem
IsWindow
GetSysColorBrush
GetScrollInfo
AppendMenuW
SetScrollPos
SetFocus
InvalidateRect
ScreenToClient
GetClientRect
MoveWindow
SetWindowLongW
CreateWindowExW
KillTimer
DestroyWindow
SetTimer
SendMessageW
CharNextW
LoadImageW
DestroyAcceleratorTable

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
ReleaseStgMedium
OleDuplicateData
OleCreateStaticFromData
OleSetContainedObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoInitialize
CoUninitialize
CoTaskMemAlloc

oleaut32

VariantChangeType
VariantChangeTypeEx
SysAllocStringLen
SysStringLen
SysAllocString
VariantCopy
VariantClear
VariantInit
SafeArrayDestroy
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
VarUI4FromStr
SysFreeString

oleacc

CreateStdAccessibleObject
LresultFromObject

advapi32

RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW

gdi32

GetTextMetricsW
GetTextExtentPoint32W
SelectObject
DeleteDC
BitBlt
DeleteObject
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
PatBlt
CreatePatternBrush
CreateBitmap
GetObjectW
StretchBlt
SetBrushOrgEx
SetStretchBltMode
ExtTextOutW
SetBkColor
GetDeviceCaps
MoveToEx
LineTo
TextOutW
SetTextColor
ExtCreatePen
GetTextExtentPointW
SetBkMode
CreateFontIndirectW

msimg32

TransparentBlt

urlmon

ord423
CreateUri

shlwapi

ord219
ord437

iertutil

ord70
ord65
ord64
ord68
ord61
ord71
ord650

Exports

Exports

CreateScriptTab

Sections

.text
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e658411091bfd762b5b17af652f50557

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

oleacc

advapi32

gdi32

msimg32

urlmon

shlwapi

iertutil

Exports

Exports

Sections

.text Size: 365KB - Virtual size: 365KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 107KB - Virtual size: 107KB

.reloc Size: 28KB - Virtual size: 27KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 365KB - Virtual size: 365KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 107KB - Virtual size: 107KB

.reloc
Size: 28KB - Virtual size: 27KB

.rmnet
Size: 56KB - Virtual size: 60KB