e0295f40bed7b02e2364442fef8874c05a16ddbc6f3b5b04f28f0579f2427b9c

Sharing

Copy URL Twitter E-mail

General

Target

e0295f40bed7b02e2364442fef8874c05a16ddbc6f3b5b04f28f0579f2427b9c
Size

434KB
MD5

60a4a87427caa4a021eeede4ee1046a0
SHA1

a45cabd3605c7fc01c077943efaa9970af1605e6
SHA256

e0295f40bed7b02e2364442fef8874c05a16ddbc6f3b5b04f28f0579f2427b9c
SHA512

0ebeace90aab0cfde14c35d8e3e76ce1bd263b82c2ede050bb0dabbc68b8e0ebd49169f52acd6ff61b942109446453b1225c634daab754643419179b002407dd
SSDEEP

6144:veafhZI+wIGPAgfCzIxUDFqfQFZojYXMa/UEfLRikL2ikv61HUSDE+Vos6Xp1mzX:4+wIlz1D0fjud/XbLoOUSowyXaVVVQI

Score

N/A

Malware Config

Signatures

Files

e0295f40bed7b02e2364442fef8874c05a16ddbc6f3b5b04f28f0579f2427b9c
.dll windows x86

eff7cfd4fb50ff62e7d88d7652416bed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkColor
CreateSolidBrush

user32

BringWindowToTop
CopyRect
CreateDialogParamW
CreateWindowExW
DestroyWindow
wsprintfW
ShowWindow
SetWindowTextW
SetWindowPos
SetTimer
SetForegroundWindow
SetDlgItemTextW
SetActiveWindow
SendMessageW
PostMessageW
OffsetRect
MessageBoxW
LoadStringW
LoadImageW
KillTimer
IsWindow
GetWindowRect
GetSystemMetrics
GetParent
GetDlgItemTextW
GetDlgItem
GetDesktopWindow
GetClientRect
ExitWindowsEx
EndDialog
EnableWindow
DialogBoxParamW

advapi32

AllocateAndInitializeSid
CheckTokenMembership
StartServiceW
SetTokenInformation
SetSecurityDescriptorSacl
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
QueryServiceStatusEx
OpenServiceW
OpenSCManagerW
OpenProcessToken
LookupPrivilegeValueW
InitializeSecurityDescriptor
GetUserNameW
FreeSid
DuplicateTokenEx
CreateProcessAsUserW
ControlService
CloseServiceHandle
AdjustTokenPrivileges

wininet

InternetCloseHandle
InternetConnectW
InternetOpenW
InternetQueryDataAvailable
HttpSendRequestW
InternetReadFile
InternetSetOptionW
InternetSetStatusCallbackW
HttpQueryInfoW
HttpOpenRequestW
InternetQueryOptionW
HttpAddRequestHeadersA

rpcrt4

UuidToStringW
UuidFromStringW
UuidCreate
RpcStringFreeW

kernel32

RtlUnwind
ReleaseMutex
ReadFile
RaiseException
SearchPathW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
ResetEvent
QueryPerformanceCounter
Process32NextW
Process32FirstW
OutputDebugStringW
OpenProcess
OpenMutexW
OpenEventA
MultiByteToWideChar
MoveFileW
MoveFileExW
LocalFree
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidLocale
IsValidCodePage
AllocConsole
CancelIo
CloseHandle
CompareStringA
CompareStringW
CopyFileW
CreateEventA
CreateEventW
CreateFileA
CreateMutexW
CreateProcessW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileW
DisconnectNamedPipe
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExW
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent

shlwapi

PathCompactPathExW

shell32

ShellExecuteW
ShellExecuteExW
SHGetFolderPathW
SHCreateDirectoryExW
CommandLineToArgvW

ole32

CoInitializeEx
CoUninitialize

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Exports

Exports

HasAttr
IsSubclass
ReplaceErrors
_Concat
_setsig
set_IHDR
set_pCAL

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eff7cfd4fb50ff62e7d88d7652416bed

Headers

File Characteristics

Imports

gdi32

user32

advapi32

wininet

rpcrt4

kernel32

shlwapi

shell32

ole32

version

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 260KB - Virtual size: 260KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 260KB - Virtual size: 260KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 4KB - Virtual size: 3KB