abbeddf45c537ef21ed5e1df4f4b29f0d6019f34d5b5af3aa08d9178b9b74f42

Sharing

Copy URL

Twitter E-mail

General

Target

abbeddf45c537ef21ed5e1df4f4b29f0d6019f34d5b5af3aa08d9178b9b74f42
Size

355KB
MD5

c82c9ed303942609526ce4839f17c248
SHA1

f45563e99c826b4d5080afaeb621cc686d04864d
SHA256

abbeddf45c537ef21ed5e1df4f4b29f0d6019f34d5b5af3aa08d9178b9b74f42
SHA512

5dc075230fc01d8e218f6d70331a6e9230b4658daa1d87d8d55f3f488241dce7061bc185c3c6fedba7adb19d2a82329393c651036a7eb49221a4fe1586163bac
SSDEEP

3072:/XwnPsxAHDgjrgVV3WPEoba7ZAI//1Hrim1b+mVWTBpnQchOkCLryfsmvEypvpwY:4nUxg0PVPEoOAeFHRkTPQGOkCLPSLvK

Score

N/A

Malware Config

Signatures

Files

abbeddf45c537ef21ed5e1df4f4b29f0d6019f34d5b5af3aa08d9178b9b74f42
.dll windows x86

02f1342b471f69737f0f455dbab0bef1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasGetEapUserIdentityA
RasGetEntryDialParamsW
RasSetAutodialAddressA
RasEnumEntriesW
RasConnectionNotificationW
RasClearLinkStatistics
RasGetLinkStatistics
RasGetCredentialsA
RasGetCountryInfoA
RasDeleteEntryW
RasValidateEntryNameA
RasGetProjectionInfoW
RasEnumDevicesW
RasGetConnectStatusW
DDMGetPhonebookInfo
RasFreeEapUserIdentityW
RasCreatePhonebookEntryA
RasGetSubEntryPropertiesW
RasSetEntryPropertiesA
RasGetCustomAuthDataA
RasAutoDialSharedConnection
RasGetEntryDialParamsA
RasSetAutodialEnableA
RasDialW
RasSetEapUserDataA
RasGetConnectionStatistics
RasGetSubEntryHandleW

comctl32

FlatSB_ShowScrollBar
ImageList_SetFlags
DestroyPropertySheetPage
ImageList_SetBkColor
MenuHelp
ImageList_Add
ImageList_AddIcon
CreatePropertySheetPageA
InitMUILanguage
ImageList_LoadImageA
FlatSB_GetScrollPos
ImageList_GetIcon
ImageList_Duplicate
GetEffectiveClientRect
InitCommonControls
ImageList_Destroy
FlatSB_EnableScrollBar
ImageList_ReplaceIcon
DrawInsert
ImageList_AddMasked
InitCommonControlsEx
ImageList_SetImageCount
PropertySheetA
ImageList_SetOverlayImage
CreatePropertySheetPageW
ImageList_Write
ImageList_EndDrag
FlatSB_SetScrollPos
ImageList_DragEnter

urlmon

ObtainUserAgentString
HlinkGoBack
CoInternetCompareUrl
URLOpenPullStreamA
URLDownloadToFileW
GetComponentIDFromCLSSPEC
URLOpenBlockingStreamW
RegisterMediaTypes
IsValidURL
MkParseDisplayNameEx
HlinkSimpleNavigateToString
GetClassURL
URLOpenStreamA
IsLoggingEnabledA
CoInternetGetProtocolFlags
URLOpenPullStreamW
HlinkNavigateString
CoInternetGetSecurityUrl
RegisterMediaTypeClass
CreateFormatEnumerator
SetSoftwareUpdateAdvertisementState
URLOpenStreamW
CoInternetGetSession
RegisterBindStatusCallback
WriteHitLogging
CopyBindInfo

kernel32

GlobalHandle
GetDiskFreeSpaceExW
WaitNamedPipeA
CreateHardLinkW
ExitProcess
GetProfileIntA
PostQueuedCompletionStatus
FindFirstVolumeMountPointW

iphlpapi

NhpAllocateAndGetInterfaceInfoFromStack
GetPerAdapterInfo
InternalGetIpForwardTable
InternalDeleteIpNetEntry
GetAdaptersInfo
SetAdapterIpAddress
InternalSetTcpEntry
SendARP
NTPTimeToNTFileTime
CreateProxyArpEntry
InternalSetIfEntry
AddIPAddress
DeleteIpNetEntry
InternalGetIfTable
GetIpNetTable
FlushIpNetTable
GetIfEntry
InternalSetIpNetEntry
CreateIpNetEntry
GetFriendlyIfIndex
SetIpForwardEntry
NotifyRouteChange
GetAdapterOrderMap
NTTimeToNTPTime
DeleteIpForwardEntry

user32

SendNotifyMessageA
DrawTextA
GetWindowRect
SendDlgItemMessageW
GetKeyNameTextW
VkKeyScanW
IMPQueryIMEA
SetWinEventHook
GetClassLongA
ModifyMenuW
CharLowerBuffA
InvalidateRgn
GetTopWindow
GetSysColorBrush
SendMessageTimeoutA
LookupIconIdFromDirectoryEx
GetCursorInfo
AdjustWindowRect
ToUnicodeEx
EnumDisplayDevicesA
IsZoomed
DdeSetUserHandle
SetWindowsHookExW
SetCapture
ChangeMenuW
SetForegroundWindow
EnumClipboardFormats
DrawTextExA

wintrust

WVTAsn1SpcPeImageDataEncode
WTHelperGetFileName
MsCatFreeHashTag
CryptCATPutMemberInfo
CryptSIPPutSignedDataMsg
CryptCATHandleFromStore
WVTAsn1SpcFinancialCriteriaInfoEncode
CryptCATAdminReleaseContext
CryptCATEnumerateMember
mssip32DllUnregisterServer
WVTAsn1SpcMinimalCriteriaInfoEncode
CryptCATCDFOpen
SoftpubDumpStructure
WintrustGetDefaultForUsage
CryptCATCDFClose
DriverInitializePolicy
CryptCATPutCatAttrInfo
CryptCATEnumerateAttr
WVTAsn1SpcIndirectDataContentEncode
WTHelperOpenKnownStores
WVTAsn1SpcMinimalCriteriaInfoDecode
WTHelperGetProvCertFromChain
CryptSIPVerifyIndirectData
WTHelperCertIsSelfSigned
WVTAsn1SpcPeImageDataDecode

Exports

Exports

CPlApplet

Sections

.text
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02f1342b471f69737f0f455dbab0bef1

Headers

File Characteristics

Imports

rasapi32

comctl32

urlmon

kernel32

iphlpapi

user32

wintrust

Exports

Exports

Sections

.text Size: 232KB - Virtual size: 232KB

.data Size: 57KB - Virtual size: 116KB

.rdata Size: 13KB - Virtual size: 13KB

.rsrc Size: 43KB - Virtual size: 43KB

.reloc Size: 7KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.text
Size: 232KB - Virtual size: 232KB

.data
Size: 57KB - Virtual size: 116KB

.rdata
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 43KB - Virtual size: 43KB

.reloc
Size: 7KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB