e0bce62def43a2ee3b005e8c29c394b668accf3fa2bba8b27248f50c7e35d1db

Sharing

Copy URL

Twitter E-mail

General

Target

e0bce62def43a2ee3b005e8c29c394b668accf3fa2bba8b27248f50c7e35d1db
Size

64KB
MD5

31e39ba7b98cea68ba19bb674577e3e0
SHA1

e80efd8050454356d4d8bfaf1f0064874a2edf3a
SHA256

e0bce62def43a2ee3b005e8c29c394b668accf3fa2bba8b27248f50c7e35d1db
SHA512

fa411cec3d1efaf4a1e596bec5f608a92d8adb369fa00eb22f71e6ad4301554fe6283649c8add98e4be2203e53154b58c619057ea8c96923a64b661949dab6f1
SSDEEP

1536:v8Th3a/4odCeoySB9nQZDn+/b0MHTWcTuM7qiuqOhMry:6q/45eoP9nQN+4cz7qirOhMry

Score

N/A

Malware Config

Signatures

Files

e0bce62def43a2ee3b005e8c29c394b668accf3fa2bba8b27248f50c7e35d1db
.dll windows x86

db7f0679a0ddf13fe5f8c6fc55918c59

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
CreateEventA
SleepEx
PulseEvent
WriteFile
OpenEventA
OpenMutexA
GetModuleFileNameA
GetWindowsDirectoryA
DisableThreadLibraryCalls
ReadDirectoryChangesW
GetFileAttributesExA
WideCharToMultiByte
GetDriveTypeA
GetLogicalDriveStringsA
InterlockedIncrement
InterlockedDecrement
FreeLibraryAndExitThread
VirtualFree
VirtualProtect
InterlockedPushEntrySList
MultiByteToWideChar
TerminateProcess
OpenProcess
GetCurrentProcessId
lstrlenW
Process32Next
Process32First
CreateToolhelp32Snapshot
Module32Next
Module32First
VirtualQuery
GetSystemInfo
GetProcAddress
Thread32Next
Thread32First
QueryDosDeviceA
GetVersionExA
FindNextFileA
FindFirstFileA
ReadFile
CreatePipe
GetModuleHandleA
GetLastError
InterlockedPopEntrySList
InitializeSListHead
CreateThread
WaitForSingleObject
ReleaseMutex
GetTempPathA
GetTempFileNameA
Sleep
CreateProcessA
WinExec
CopyFileA
SetFileAttributesA
FreeLibrary
CreateMutexA
LoadLibraryA
VirtualAlloc
CloseHandle

user32

PrintWindow
GetDesktopWindow
EnumDesktopWindows
GetWindowTextA
GetClassNameA
GetWindowDC
EnumWindows
SetWindowsHookExA
IsWindow
UnhookWindowsHookEx
GetClientRect
IsRectEmpty
EnumChildWindows
GetWindowRect
GetDC
CallNextHookEx
GetWindowThreadProcessId

gdi32

DeleteObject
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
DeleteDC
BitBlt

advapi32

RegEnumValueA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoUninitialize
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance

oleaut32

SysStringLen
VariantClear
SysAllocString
SysFreeString

msvcp60

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

wininet

HttpQueryInfoA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCrackUrlA
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA
InternetCloseHandle

urlmon

URLDownloadToFileA

ws2_32

closesocket
setsockopt
WSACleanup

shell32

SHGetFolderPathA

psapi

GetProcessImageFileNameA

shlwapi

PathFileExistsA

msvcrt

??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
fclose
_except_handler3
wcscmp
_memicmp
free
_mbscmp
_CxxThrowException
_mbsupr
_snprintf
_ismbcprint
printf
atol
strstr
_ltoa
abs
wcsstr
_mbslwr
_wcsicmp
_mbsstr
fopen
malloc
fgets
memcmp
strncpy
memset
clock
_mbsrchr
_mbsnbcpy
_mbsicmp
_mbstok
atoi
strlen
_mbschr
__CxxFrameHandler
strcat
strcpy
sprintf
??2@YAPAXI@Z
memcpy

gdiplus

GdipGetImageEncodersSize
GdiplusStartup
GdipSaveImageToStream
GdipDisposeImage
GdipFree
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromHBITMAP
GdipGetImageEncoders

iphlpapi

GetAdaptersInfo

rpcrt4

UuidToStringA
RpcStringFreeA
UuidCreate

Exports

Exports

?GetOS@Utility@@SAKXZ
_LOADLIBRARY_DUMMY

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db7f0679a0ddf13fe5f8c6fc55918c59

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

msvcp60

wininet

urlmon

ws2_32

shell32

psapi

shlwapi

msvcrt

gdiplus

iphlpapi

rpcrt4

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 59KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 59KB - Virtual size: 59KB

.reloc
Size: 3KB - Virtual size: 3KB