aa4969924ac1e9a8699e1655586fd871484477f8361c180d97bc38d936765821

Sharing

Copy URL Twitter E-mail

General

Target

aa4969924ac1e9a8699e1655586fd871484477f8361c180d97bc38d936765821
Size

285KB
MD5

3b08290b880591a035333e9bd92b4530
SHA1

4608166936d75a99d58fa3472d90196c3fde6408
SHA256

aa4969924ac1e9a8699e1655586fd871484477f8361c180d97bc38d936765821
SHA512

a3fdde7b9d73a525a0bf66478d321da2d54b86186b912cd832638575a4d96e1382fbe0a79bce052a905de83e2318f3e061aaca9ae1d2a10215abe4eb328029c8
SSDEEP

6144:ChlE9IW+WQyKL8ze3i8VGHctg8tFhV/T5fE:0HmP2bVlj//m

Score

N/A

Malware Config

Signatures

Files

aa4969924ac1e9a8699e1655586fd871484477f8361c180d97bc38d936765821
.dll windows x86

8f5142adfbc08dca9cb58adf528ee514

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileW
WideCharToMultiByte
DeleteFileW
GetEnvironmentVariableW
HeapAlloc
GetProcessHeap
HeapFree
lstrcmpW
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
GetProcAddress
LoadLibraryA
VirtualFree
VirtualAlloc
GetCommandLineA
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedDecrement
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTempFileNameW
OutputDebugStringA
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
Sleep
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
InterlockedIncrement
GetEnvironmentVariableA
GetCurrentThreadId
GetCurrentProcess
GetLastError
LeaveCriticalSection
LoadLibraryW
SearchPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
CreateActCtxW
ReleaseActCtx
ActivateActCtx
DeactivateActCtx
InterlockedCompareExchange
EnterCriticalSection
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
FlushInstructionCache
FindResourceExW
LockResource
GlobalAlloc
GlobalLock
GlobalFree
SetLastError
GlobalUnlock
GetNumberFormatW
GetLocaleInfoW
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
RaiseException
InterlockedExchange
GetVersionExW
TerminateProcess
GetModuleFileNameW

user32

DestroyMenu
PostMessageW
GetKeyState
DrawTextW
GetDlgItem
GetSysColor
GetWindowLongA
DrawEdge
GetMessagePos
SetScrollInfo
GetScrollPos
SetScrollPos
UnregisterClassA
TrackPopupMenuEx
GetMenuItemCount
DeleteMenu
CheckMenuRadioItem
CreatePopupMenu
AppendMenuW
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
PtInRect
ReleaseCapture
GetCapture
SystemParametersInfoW
GetDlgCtrlID
SetCapture
KillTimer
SetTimer
InvalidateRect
UpdateWindow
ClientToScreen
RegisterClassExW
GetSystemMetrics
InflateRect
SetRect
GetCursorPos
SetWindowTextW
GetFocus
DrawFocusRect
LoadCursorW
GetClassInfoExW
AdjustWindowRectEx
IsWindowEnabled
ScreenToClient
SetWindowPos
GetMenu
CreateWindowExW
GetWindowLongW
CallWindowProcW
DefWindowProcW
GetDC
FillRect
ReleaseDC
LoadAcceleratorsW
DestroyAcceleratorTable
SetFocus
EnableWindow
IsWindowVisible
TranslateAcceleratorW
CreateDialogParamW
IsWindow
SetWindowLongW
ShowWindow
GetClientRect
GetParent
MoveWindow
DestroyWindow
GetSysColorBrush
GetWindowRect
SendMessageW
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
MessageBoxW
LoadStringW
CharNextW
LoadImageW
SetDlgItemTextW

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysAllocStringLen
VarR8FromStr
SysAllocString
VarUI4FromStr
VariantChangeType
SysFreeString
VariantClear
VariantCopy
VariantInit

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegSetValueExW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW

gdi32

GetStockObject
DeleteObject
DeleteDC
SetBkColor
GetTextExtentExPointW
SetTextAlign
ExtTextOutW
SetBkMode
SetTextColor
SetLayout
BitBlt
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPoint32W
GetObjectW
GetDeviceCaps
GetTextExtentPointW

shlwapi

ord437
ord219

urlmon

ord423

iertutil

ord70
ord65
ord64
ord68
ord61
ord650

Exports

Exports

CreateProfileTab

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8f5142adfbc08dca9cb58adf528ee514

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

oleacc

advapi32

gdi32

shlwapi

urlmon

iertutil

Exports

Exports

Sections

.text Size: 185KB - Virtual size: 185KB

.data Size: 11KB - Virtual size: 12KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 9KB - Virtual size: 8KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 185KB - Virtual size: 185KB

.data
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 9KB - Virtual size: 8KB

.rmnet
Size: 56KB - Virtual size: 60KB