9ca5b8a74d1c7d91bc1bea5a3189478e43a24bc630010c442d74e1102efb4795

Sharing

Copy URL Twitter E-mail

General

Target

9ca5b8a74d1c7d91bc1bea5a3189478e43a24bc630010c442d74e1102efb4795
Size

71KB
MD5

283a08fee2e6098c31f6581922d89780
SHA1

e37be09e27272de7b4e52a44b8f7d0083238e8d6
SHA256

9ca5b8a74d1c7d91bc1bea5a3189478e43a24bc630010c442d74e1102efb4795
SHA512

064b931db36ea8c3909c61e473d766c6652e27b476bf740a7f775c2d014bca6f0c17e7c5ec0a5aa5fb4db86cdecb3ad098876d97915f3de12c0693d94da43d01
SSDEEP

1536:4mjj0KXCc2EmNUU6mIBRQ1eQkYC9+i11qGLi:J3qc2N16XB+1e5YCEiHV

Score

N/A

Malware Config

Signatures

Files

9ca5b8a74d1c7d91bc1bea5a3189478e43a24bc630010c442d74e1102efb4795
.dll windows x86

b3713dbd467034362cd14e822c432c47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

bsearch
_wcsicmp
_wcsnicmp
wcsncmp
memcpy
memset
??3@YAXPAX@Z
??2@YAPAXI@Z
??1type_info@@UAE@XZ
_amsg_exit
_initterm
free
malloc
_XcptFilter
_CxxThrowException
_vsnwprintf

kernel32

MultiByteToWideChar
SearchPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnmapViewOfFile
FreeLibrary
GetLocaleInfoW
CreateFileMappingW
MapViewOfFile
LoadLibraryExW
LoadResource
FindResourceExW
LocalReAlloc
GetPrivateProfileStringA
lstrlenA
GetLastError
WideCharToMultiByte
ReadFile
FormatMessageW
GetFileAttributesW
HeapFree
LocalFree
GetProcessHeap
CompareStringW
HeapReAlloc
HeapAlloc
lstrlenW
GetPrivateProfileStringW
CloseHandle
LocalAlloc
GetFileSize
CreateFileW
SetLastError
WritePrivateProfileSectionW
WritePrivateProfileStringW
lstrcmpW
GetPrivateProfileSectionW
GetModuleFileNameW
GetVersionExW
DeleteCriticalSection
DeleteAtom
FindAtomA
InitializeCriticalSection
DisableThreadLibraryCalls
LeaveCriticalSection
EnterCriticalSection
GlobalFree
GlobalAlloc
AddAtomA
WriteFile
SetFilePointer
lstrcmpiW
InterlockedDecrement
InterlockedExchange
Sleep
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

DrawTextW
SetWindowPos
CreateWindowExW
GetScrollInfo
GetDC
ReleaseDC
GetParent
GetWindowRect
GetWindowTextW
DialogBoxParamW
CallWindowProcW
GetDlgItem
EnableWindow
GetDlgItemTextW
MessageBoxW
SetDlgItemTextW
EndDialog
SetWindowTextW
SendMessageW
MoveWindow
DestroyWindow
LoadCursorW
RegisterClassA
CreateWindowExA
GetWindowLongW
DefWindowProcW
SetScrollPos
SetWindowLongW
GetClientRect
LoadStringW
SetScrollRange
ShowWindow
UnregisterClassA

gdi32

GetTextExtentPoint32W
SelectObject
DeleteObject
GetStockObject
GetTextMetricsW
CreateFontIndirectW
GetDeviceCaps

shlwapi

ord217
PathFindFileNameW
ord346
StrCmpW
StrRChrW
StrCSpnW
StrSpnW
StrCmpNW
StrDupW
StrToIntW
StrCmpIW

oleaut32

SysFreeString
VariantInit
VariantClear
SysStringLen
SysAllocString

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

comctl32

ord16

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

mlang

ord113
ord112

Exports

Exports

AdmClose
AdmFinished
AdmInit
AdmReset
AdmSaveData
CheckDuplicateKeys
CreateAdmUi
DllMain
GetAdmCategories
GetFontInfo
IsAdmDirty
ResetAdmDirtyFlag

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3713dbd467034362cd14e822c432c47

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

shlwapi

oleaut32

ole32

comctl32

advapi32

mlang

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.data Size: 1024B - Virtual size: 53KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 60KB - Virtual size: 59KB

.data
Size: 1024B - Virtual size: 53KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 6KB - Virtual size: 5KB