04b060091bc92a9c7aec5f4edda95058494a104f8121ce440f5bf221d9de4486

Sharing

Copy URL Twitter E-mail

General

Target

04b060091bc92a9c7aec5f4edda95058494a104f8121ce440f5bf221d9de4486
Size

268KB
MD5

0a7097f6105387bc7df93675b3ee47b0
SHA1

30204aa280b22f2323278c58f7dc179a14f123fb
SHA256

04b060091bc92a9c7aec5f4edda95058494a104f8121ce440f5bf221d9de4486
SHA512

15d81e5989bf90af3b63c2b49d6905820b647a30ecbb1877940f63c52f2c96d50baaeeba29d75a9b98860efd2aa8ba1f40d4d449943416024dda151fd5465212
SSDEEP

6144:ZYxTC2phsY7PG6bLJgkOL3ROtpOvyyyer2OXdjBo3:ZYxTjphsY7PGqFhOHyyyeFj2

Score

N/A

Malware Config

Signatures

Files

04b060091bc92a9c7aec5f4edda95058494a104f8121ce440f5bf221d9de4486
.dll windows x86

8fe65a9eeef0038812851a6751ed73a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
DeleteCriticalSection
InitializeCriticalSection
SetLastError
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
RaiseException
CreateProcessW
LoadLibraryA
GetCurrentProcessId
CloseHandle
HeapFree
GetProcessHeap
HeapAlloc
OpenProcess
FreeLibrary
GetProcAddress
LoadLibraryW
GetLastError
lstrlenW
lstrcpynW
GlobalAlloc
GlobalFree
lstrcpyW
CompareStringW
OutputDebugStringW
GetCurrentProcess
FlushInstructionCache
GetVersionExW
lstrcmpiW
GetModuleFileNameW
Sleep

user32

IsWindow
SetWindowLongW
LoadImageW
SetCursor
UnregisterClassA
CharNextW
GetDC
EndPaint
BeginPaint
MapWindowPoints
ScreenToClient
ClientToScreen
GetWindowDC
ReleaseDC
UpdateWindow
InvalidateRect
RedrawWindow
SetTimer
KillTimer
IsWindowEnabled
SetCapture
SetFocus
GetNextDlgGroupItem
GetWindow
GetParent
GetDlgCtrlID
GetDlgItem
AdjustWindowRectEx
GetClassNameW
MonitorFromWindow
GetMonitorInfoW
GetSysColor
FillRect
ReleaseCapture
DefWindowProcW
LoadCursorW
DialogBoxParamW
GetWindowThreadProcessId
FindWindowW
LoadStringW
EndDialog
SetDlgItemTextW
EnableWindow
ShowWindow
DrawTextW
OffsetRect
GetCursorPos
PtInRect
GetCapture
DrawIconEx
SetRectEmpty
EnumChildWindows
SetLayeredWindowAttributes
DestroyIcon
GetClassLongW
FindWindowExW
CallWindowProcW
GetClientRect
GetWindowRect
SetWindowPos
GetMenu
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
PostMessageW
SendMessageW
CreateWindowExW
GetWindowLongW
DestroyWindow
SystemParametersInfoW

gdi32

TextOutW
SetTextColor
SetBkMode
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
SelectObject
CreateFontIndirectW
GetObjectW
GetStockObject

advapi32

RegQueryValueExW
LookupPrivilegeValueW
RegOpenKeyExW
RegCloseKey
OpenProcessToken
GetTokenInformation
DuplicateTokenEx
GetSidSubAuthority
GetSidSubAuthorityCount
AdjustTokenPrivileges

shell32

ShellExecuteW
SHGetFileInfoW

ole32

CoUninitialize
CoInitializeEx
PropVariantClear
CoCreateInstance
CoInitialize

oleaut32

VariantClear
SysAllocString

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?empty@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE_NXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

comctl32

ImageList_Destroy
ImageList_Draw
_TrackMouseEvent
ImageList_LoadImageW
ImageList_GetIconSize

msimg32

AlphaBlend

msvcr90

__dllonexit
_unlock
?terminate@@YAXXZ
memset
memmove_s
rand
srand
_itow_s
_time64
_purecall
_wtoi
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
_encode_pointer
_invalid_parameter_noinfo
_wcsnicmp
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
vswprintf_s
??2@YAPAXI@Z
??_V@YAXPAX@Z
wcsncpy_s
wcscpy_s
free
malloc
??3@YAXPAX@Z
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
__RTDynamicCast
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
__CxxFrameHandler3
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z

Exports

Exports

CenterToWindow
CreateHyperLink
ExecShellAsUser
ModifyButtonImage
QNPMessageBox
RandomNum
SetButtonHeaderImage
SetCtlFontBold
SetEditHeaderImage
SetLnkAppID
SetTitleImage
StartSwitchImages
SubclassDlg
TaskBarPinExe

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8fe65a9eeef0038812851a6751ed73a1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msvcp90

comctl32

msimg32

msvcr90

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 82KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 99KB - Virtual size: 98KB

.reloc Size: 5KB - Virtual size: 4KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 82KB - Virtual size: 82KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 5KB - Virtual size: 4KB

.rmnet
Size: 56KB - Virtual size: 60KB