01efedfa3ae876ced7d9b7fe52281f3ec1f4a8272e7630c034536959be201a20

Sharing

Copy URL Twitter E-mail

General

Target

01efedfa3ae876ced7d9b7fe52281f3ec1f4a8272e7630c034536959be201a20
Size

141KB
MD5

079a6a61e1851f076530c3c83d6112d0
SHA1

41e9c1b60b1b86edc9006e0ea795b512f4e8df8a
SHA256

01efedfa3ae876ced7d9b7fe52281f3ec1f4a8272e7630c034536959be201a20
SHA512

c8c07ba578b06028079dfb4ae8f7b993519a716a3a2bb4582bbebe2eec541329d6688d3b427673998a18c7151e3a2fc0b3c544b8a35a80e686741384014962db
SSDEEP

3072:ZJLH8Ljg5woxNR7x2kaXrrOgfLaR0MkshIAWrpzd4uirJ:ZBcLs5PxfgkKrrOgfuyFRC

Score

N/A

Malware Config

Signatures

Files

01efedfa3ae876ced7d9b7fe52281f3ec1f4a8272e7630c034536959be201a20
.dll windows x86

20a63bf555ad1cad7719552ec5e1a9ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
EnterCriticalSection
GetFileAttributesW
LeaveCriticalSection
SetFileAttributesW
RaiseException
GetPrivateProfileStringW
GetPrivateProfileIntW
OutputDebugStringW
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedIncrement
InterlockedDecrement
FlushInstructionCache
QueryPerformanceFrequency
WideCharToMultiByte
GetLastError
SetLastError
DeleteCriticalSection
ReadProcessMemory
VirtualProtect
WriteProcessMemory
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetCurrentProcess
InitializeCriticalSection
GetProcessTimes
GetModuleHandleW
GetProcAddress
CreateDirectoryW
GetCurrentProcessId
FindClose
MoveFileW
Sleep
DeleteFileW
FindFirstFileW
GetModuleFileNameW
WriteFile
VirtualQuery
SetFilePointer
CreateFileW
LoadLibraryA
CloseHandle
lstrlenW

user32

GetFocus
SetCursor
GetClientRect
CallWindowProcW
SetWindowLongW
SetLayeredWindowAttributes
SetTimer
WindowFromPoint
SetFocus
ChildWindowFromPoint
IsWindowVisible
GetWindowRect
GetCursorPos
SetWindowPos
GetClassNameW
GetParent
EnumChildWindows
PostMessageW
KillTimer
EnumThreadWindows
GetSystemMetrics
GetCaretBlinkTime
ReleaseDC
GetWindowLongW
PrintWindow
DestroyWindow
ShowWindow
CreateWindowExW
RegisterClassExW
GetClassInfoExW
DefWindowProcW
IsWindow
LoadCursorW
SendMessageW
UnregisterClassA
GetDC

gdi32

CreateCompatibleDC
GetDIBits
SetWindowOrgEx
CreateCompatibleBitmap
SelectObject
GetObjectW
DeleteObject
CreateDIBSection
GetStockObject

ole32

CoCreateInstance

oleaut32

SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
VariantClear
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayDestroy
SysStringLen
VariantInit
SysFreeString
SysAllocString

atl80

ord31
ord64
ord32
ord43
ord47
ord42
ord44
ord48

msvcp80

?uncaught_exception@std@@YA_NXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPB_WHH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr80

_recalloc
memmove_s
??2@YAPAXI@Z
swprintf_s
_snwprintf_s
_vswprintf_c_l
wcsncpy_s
strstr
_purecall
_time64
calloc
realloc
wcsncmp
wcsstr
memcpy_s
vswprintf_s
memset
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
memcpy
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
__CxxFrameHandler3
_CxxThrowException
??3@YAXPAX@Z
malloc
_snwprintf
??0exception@std@@QAE@ABV01@@Z
wcsrchr
??1exception@std@@UAE@XZ
_invalid_parameter_noinfo
free
memmove
iswspace
wcsncpy
_wsplitpath_s
wcsncat
??0exception@std@@QAE@XZ
_vswprintf
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ

Exports

Exports

DestroyWebCore
GetWebCore

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

20a63bf555ad1cad7719552ec5e1a9ad

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

atl80

msvcp80

msvcr80

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB

.rmnet
Size: 56KB - Virtual size: 60KB