b0a2a67168ee5cf53bca213c1e1de0811877628d2fe164c816a89393b8abe84a

Sharing

Copy URL Twitter E-mail

General

Target

b0a2a67168ee5cf53bca213c1e1de0811877628d2fe164c816a89393b8abe84a
Size

718KB
MD5

836c4c8dc8317aef1df568eab4ae8acd
SHA1

fa87f7407d71eb91122e573c53160401ddf70f83
SHA256

b0a2a67168ee5cf53bca213c1e1de0811877628d2fe164c816a89393b8abe84a
SHA512

e87e82e9decde9ef16eca2cafcda7ad474bb086a997db834fda41a83fb262179364dce9f19e32eeac930c0f8d8109343c914ae1b9cf36bb1f41bb42f2f7d04fd
SSDEEP

12288:VwxzVEYEprVBh9IN2jKN4j8vToTDTrvTDfDTodTXcjEKEFAojEFmAonO2b8tarx6:VwhVEBth294j8vToTDTrvTDfDTodTXcH

Score

N/A

Malware Config

Signatures

Files

b0a2a67168ee5cf53bca213c1e1de0811877628d2fe164c816a89393b8abe84a
.exe windows x86

eb87ab3e88c9455f37c1d587022c0f81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libcef

cef_string_list_size
cef_string_list_value
cef_string_list_append
cef_string_map_size
cef_string_map_key
cef_string_map_value
cef_string_map_append
cef_string_multimap_size
cef_string_multimap_key
cef_string_multimap_value
cef_string_multimap_append
cef_string_list_clear
cef_string_multimap_alloc
cef_string_multimap_free
cef_string_utf16_set
cef_process_message_create
cef_v8context_get_current_context
cef_v8value_create_function
cef_v8value_create_array_buffer
cef_v8value_create_array
cef_v8value_create_object
cef_v8value_create_string
cef_v8value_create_date
cef_v8value_create_int
cef_v8value_create_bool
cef_v8value_create_null
cef_uridecode
cef_uriencode
cef_parse_url
cef_enable_highdpi_support
cef_quit_message_loop
cef_run_message_loop
cef_shutdown
cef_initialize
cef_execute_process
cef_register_extension
cef_post_task
cef_currently_on
cef_api_hash
cef_command_line_create
cef_string_map_free
cef_string_map_alloc
cef_string_userfree_utf16_free
cef_browser_host_create_browser
cef_string_list_free
cef_string_list_alloc
cef_log
cef_string_utf16_to_utf8
cef_string_utf8_clear
cef_time_from_timet
cef_string_utf16_cmp
cef_string_utf8_to_utf16
cef_string_utf16_clear

shlwapi

PathRemoveFileSpecW

kernel32

GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
HeapAlloc
HeapFree
GetDriveTypeW
GetACP
GetStdHandle
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
RaiseException
RtlUnwind
InitializeSListHead
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetCurrentDirectoryW
HeapSize
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
FindNextFileW
SetLastError
CreateProcessW
TerminateProcess
GetModuleHandleW
GetProcAddress
LoadLibraryW
MultiByteToWideChar
FindClose
WriteConsoleW
FindFirstFileW
WideCharToMultiByte
GetCommandLineW
GetModuleFileNameW
ExitProcess
SetEvent
GetLastError
CreateEventW
MapViewOfFileEx
CreateFileMappingW
GetTempFileNameW
GetFileSize
GetFullPathNameW
CreateDirectoryW
GetCurrentProcessId
CloseHandle
DeleteFileW
CreateFileW
WriteFile
ReadFile

user32

GetFocus
GetWindowLongW
SetDlgItemTextW
SetCursor
SetClassLongW
ReleaseDC
UpdateLayeredWindow
GetDC
IsWindow
EndPaint
BeginPaint
ClientToScreen
GetClientRect
WindowFromPoint
ScreenToClient
GetCursorPos
TrackMouseEvent
ReleaseCapture
GetCapture
SetFocus
SetCapture
GetDoubleClickTime
GetSystemMetrics
GetMessageTime
GetKeyState
RegisterClassExW
LoadCursorW
LoadIconW
SystemParametersInfoW
SetForegroundWindow
CreateWindowExW
DefWindowProcW
DestroyWindow
ShowWindow
SendMessageW
GetForegroundWindow
MessageBoxW
wsprintfW
CreateDialogParamW
SetWindowLongW
GetDlgItem
SetWindowTextW
EnableWindow

gdi32

DeleteObject
DeleteDC
SelectObject
SetBitmapBits
CreateCompatibleBitmap
GetStockObject
CreateCompatibleDC

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHFileOperationW
SHCreateDirectoryExW

yueli

YueliUpdateDataW

Sections

.text
Size: 398KB - Virtual size: 397KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb87ab3e88c9455f37c1d587022c0f81

Headers

DLL Characteristics

File Characteristics

Imports

libcef

shlwapi

kernel32

user32

gdi32

shell32

yueli

Sections

.text Size: 398KB - Virtual size: 397KB

.rdata Size: 114KB - Virtual size: 113KB

.data Size: 6KB - Virtual size: 9KB

.rsrc Size: 172KB - Virtual size: 171KB

.reloc Size: 27KB - Virtual size: 26KB

.text
Size: 398KB - Virtual size: 397KB

.rdata
Size: 114KB - Virtual size: 113KB

.data
Size: 6KB - Virtual size: 9KB

.rsrc
Size: 172KB - Virtual size: 171KB

.reloc
Size: 27KB - Virtual size: 26KB