42c21df909903a9a1bb2d7ed974ab0416dcd406ec8c4dc47920ec775bcfd1276

Sharing

Copy URL

Twitter E-mail

General

Target

42c21df909903a9a1bb2d7ed974ab0416dcd406ec8c4dc47920ec775bcfd1276
Size

555KB
MD5

0cf92839223df699698b2afc030de823
SHA1

429dc9a163df45be822f7d0cd316b7c3fdbd77d6
SHA256

42c21df909903a9a1bb2d7ed974ab0416dcd406ec8c4dc47920ec775bcfd1276
SHA512

a20fe04621e02f986ad02d23835ccd87507581d7dc8cc09ad9ece6fde820191aa2ca216c29316a823112bdee42a226cf9509f94cdd32fa863bb455a7764ce163
SSDEEP

12288:dyqgcrD435oCGZ7rqhR4CaPSEc8B+XLEqIeX6gAy/T:dL4SrZoRvaPSVXMeBAGT

Score

N/A

Malware Config

Signatures

Files

42c21df909903a9a1bb2d7ed974ab0416dcd406ec8c4dc47920ec775bcfd1276
.dll windows x86

a654a29e2f99af5247506fac6ee4864b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCrackUrlW

shlwapi

PathAppendW
PathFileExistsW
PathRemoveFileSpecW

urlmon

URLDownloadToCacheFileW

kernel32

LoadLibraryExW
GetModuleFileNameW
InterlockedIncrement
LoadLibraryW
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
Sleep
OutputDebugStringW
SetLastError
lstrcpyW
CompareStringW
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetModuleHandleA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetLastError
LCMapStringA
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
HeapCreate
ExitProcess
GetModuleFileNameA
GetStdHandle
WriteFile
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GlobalAddAtomA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcessHeap
HeapFree
lstrlenA
RaiseException
lstrcmpiW
FreeLibrary
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
CloseHandle
ReadFile
GetFileSize
CreateFileW
VirtualQuery
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
lstrlenW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
CompareStringA
SetEnvironmentVariableA
SetHandleCount

user32

FillRect
OffsetRect
DrawTextW
ReleaseDC
GetDC
GetWindowTextLengthW
CreateWindowExW
LoadCursorW
GetClassNameW
ScreenToClient
GetCapture
SetCursor
PtInRect
InvalidateRect
EndPaint
BeginPaint
DestroyIcon
SetRectEmpty
DestroyWindow
CreateDialogParamW
EndDialog
DialogBoxParamW
GetActiveWindow
SetCapture
UpdateWindow
IsWindowEnabled
CheckRadioButton
IsDlgButtonChecked
DispatchMessageW
TranslateMessage
PeekMessageW
GetCursorPos
IsWindow
CheckDlgButton
GetDlgCtrlID
SendMessageW
CallWindowProcW
DefWindowProcW
SetWindowLongW
SetActiveWindow
GetSysColor
GetDlgItemTextW
SetFocus
EnumChildWindows
GetWindowTextW
SetWindowTextW
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
MessageBoxW
GetDlgItem
EnableWindow
SetDlgItemTextW
CharNextW
SetTimer
PostMessageW
KillTimer
UnregisterClassA
GetFocus
DrawFocusRect
FindWindowW
ReleaseCapture

gdi32

GetObjectW
GetStockObject
CreateSolidBrush
SetBkMode
DeleteObject
SetTextColor
CreateFontIndirectW
SelectObject

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegCloseKey

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

oleaut32

VariantInit
VariantClear
SysStringLen
SysAllocStringByteLen
VarUI4FromStr
VarBstrCmp
SysAllocString
SysFreeString

comctl32

ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ImageList_Create
ImageList_Destroy
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_DragEnter
_TrackMouseEvent
ImageList_BeginDrag

Exports

Exports

GetDownloadManager
IsUnicode
PlugCreate
PlugInit
PlugInvoke
PlugTerm

Sections

.text
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 195KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a654a29e2f99af5247506fac6ee4864b

Headers

File Characteristics

Imports

wininet

shlwapi

urlmon

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Exports

Exports

Sections

.text Size: 250KB - Virtual size: 250KB

.rdata Size: 61KB - Virtual size: 60KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 20KB - Virtual size: 20KB

.text Size: 195KB - Virtual size: 196KB

.text
Size: 250KB - Virtual size: 250KB

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 20KB - Virtual size: 20KB

.text
Size: 195KB - Virtual size: 196KB