65c0ce7deaa0881c38d5dec5dca7641ff2a68b230f5cb94ce7afa0aaafc8ceb2

Sharing

Copy URL Twitter E-mail

General

Target

65c0ce7deaa0881c38d5dec5dca7641ff2a68b230f5cb94ce7afa0aaafc8ceb2
Size

314KB
MD5

0678ca6f86f77c9cfa41c9493054a6b0
SHA1

6eccf2e77e8d079b9e73c1929a10f5b23b410171
SHA256

65c0ce7deaa0881c38d5dec5dca7641ff2a68b230f5cb94ce7afa0aaafc8ceb2
SHA512

88514d678fd99807d6c143edff46ff8cd564a542d2d067fc1b1ff98072a3539d44ba6321ef2d1501b9176e7d812c6ffb13a754cc2d00bd9b97bce856fb8c95d0
SSDEEP

6144:+hlE9IW+WQyKL8ze3i8VGX5qG8obQ+y237a:IHmP2bVu5f

Score

N/A

Malware Config

Signatures

Files

65c0ce7deaa0881c38d5dec5dca7641ff2a68b230f5cb94ce7afa0aaafc8ceb2
.dll windows x86

8f5142adfbc08dca9cb58adf528ee514

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileW
WideCharToMultiByte
DeleteFileW
GetEnvironmentVariableW
HeapAlloc
GetProcessHeap
HeapFree
lstrcmpW
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
GetProcAddress
LoadLibraryA
VirtualFree
VirtualAlloc
GetCommandLineA
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedDecrement
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTempFileNameW
OutputDebugStringA
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
Sleep
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
InterlockedIncrement
GetEnvironmentVariableA
GetCurrentThreadId
GetCurrentProcess
GetLastError
LeaveCriticalSection
LoadLibraryW
SearchPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
CreateActCtxW
ReleaseActCtx
ActivateActCtx
DeactivateActCtx
InterlockedCompareExchange
EnterCriticalSection
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
FlushInstructionCache
FindResourceExW
LockResource
GlobalAlloc
GlobalLock
GlobalFree
SetLastError
GlobalUnlock
GetNumberFormatW
GetLocaleInfoW
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
RaiseException
InterlockedExchange
GetVersionExW
TerminateProcess
GetModuleFileNameW

user32

DestroyMenu
PostMessageW
GetKeyState
DrawTextW
GetDlgItem
GetSysColor
GetWindowLongA
DrawEdge
GetMessagePos
SetScrollInfo
GetScrollPos
SetScrollPos
UnregisterClassA
TrackPopupMenuEx
GetMenuItemCount
DeleteMenu
CheckMenuRadioItem
CreatePopupMenu
AppendMenuW
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
PtInRect
ReleaseCapture
GetCapture
SystemParametersInfoW
GetDlgCtrlID
SetCapture
KillTimer
SetTimer
InvalidateRect
UpdateWindow
ClientToScreen
RegisterClassExW
GetSystemMetrics
InflateRect
SetRect
GetCursorPos
SetWindowTextW
GetFocus
DrawFocusRect
LoadCursorW
GetClassInfoExW
AdjustWindowRectEx
IsWindowEnabled
ScreenToClient
SetWindowPos
GetMenu
CreateWindowExW
GetWindowLongW
CallWindowProcW
DefWindowProcW
GetDC
FillRect
ReleaseDC
LoadAcceleratorsW
DestroyAcceleratorTable
SetFocus
EnableWindow
IsWindowVisible
TranslateAcceleratorW
CreateDialogParamW
IsWindow
SetWindowLongW
ShowWindow
GetClientRect
GetParent
MoveWindow
DestroyWindow
GetSysColorBrush
GetWindowRect
SendMessageW
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
MessageBoxW
LoadStringW
CharNextW
LoadImageW
SetDlgItemTextW

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysAllocStringLen
VarR8FromStr
SysAllocString
VarUI4FromStr
VariantChangeType
SysFreeString
VariantClear
VariantCopy
VariantInit

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegSetValueExW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW

gdi32

GetStockObject
DeleteObject
DeleteDC
SetBkColor
GetTextExtentExPointW
SetTextAlign
ExtTextOutW
SetBkMode
SetTextColor
SetLayout
BitBlt
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPoint32W
GetObjectW
GetDeviceCaps
GetTextExtentPointW

shlwapi

ord437
ord219

urlmon

ord423

iertutil

ord70
ord65
ord64
ord68
ord61
ord650

Exports

Exports

CreateProfileTab

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8f5142adfbc08dca9cb58adf528ee514

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

oleacc

advapi32

gdi32

shlwapi

urlmon

iertutil

Exports

Exports

Sections

.text Size: 185KB - Virtual size: 185KB

.data Size: 11KB - Virtual size: 12KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 9KB - Virtual size: 8KB

.rmnet Size: 86KB - Virtual size: 88KB

.text
Size: 185KB - Virtual size: 185KB

.data
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 9KB - Virtual size: 8KB

.rmnet
Size: 86KB - Virtual size: 88KB