bdeaedd09f24fca06ea123c29c37bec22a843f3d16fbfdc5b73a151a99c0704d

Sharing

Copy URL Twitter E-mail

General

Target

bdeaedd09f24fca06ea123c29c37bec22a843f3d16fbfdc5b73a151a99c0704d
Size

132KB
MD5

5dfe98d1307541fc06d2168863c90f90
SHA1

64fa3fa2a52c4d39e5476fb432452b32b8b45833
SHA256

bdeaedd09f24fca06ea123c29c37bec22a843f3d16fbfdc5b73a151a99c0704d
SHA512

5431a3d98baf3c26e1d1b34dd5e89425ba050b62e1584b19cfb05794742795374f685aea257b99f2fc6cdcade849d072963f64d680ed1d0927a6189e1d809ab9
SSDEEP

3072:ZG4Z29gdPEkYQH0LMU+gOCLyJysfqkzQP1J:ZRZ2Lc0LMU+gOCWJysUz

Score

N/A

Malware Config

Signatures

Files

bdeaedd09f24fca06ea123c29c37bec22a843f3d16fbfdc5b73a151a99c0704d
.dll windows x86

052c37bd3ac9fcab548a2c6ec917d572

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_read
_open
??3@YAXPAX@Z
??2@YAPAXI@Z
_vsnprintf
_wtol
_wsplitpath
_write
wcstok
wcschr
wcsrchr
memmove
_close
_lseek
strtok
strchr
vsprintf
mbstowcs
strncpy
strrchr
_splitpath
free
_initterm
malloc
_adjust_fdiv
wcsncpy
_vsnwprintf
wcstombs

kernel32

LoadLibraryA
VirtualAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCurrentDirectoryA
SetCurrentDirectoryA
FreeLibrary
CreateSemaphoreW
SearchPathW
LoadLibraryW
GetProcAddress
WriteFile
SetEndOfFile
CreateDirectoryW
CreateFileW
lstrcmpiW
GetVersionExW
GetSystemDefaultLangID
GetWindowsDirectoryW
lstrlenW
HeapAlloc
HeapFree
HeapDestroy
HeapCreate
DisableThreadLibraryCalls
lstrcpyW
lstrlenA
lstrcmpiA
CloseHandle
WaitForMultipleObjects
GetLastError
CreateProcessW
lstrcatW
lstrcpynW
ReleaseSemaphore
SetEnvironmentVariableW
GetFileAttributesW
GetEnvironmentVariableW
GetSystemDirectoryW

user32

LoadStringW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetMalloc
ShellExecuteW

wininet

InternetCloseHandle
HttpQueryInfoW
InternetSetOptionW
InternetGetConnectedStateExW
InternetReadFile
InternetOpenW
InternetOpenUrlW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Exports

Exports

DownLoadCancel
DownLoadClose
DownLoadExecute
DownLoadInit
DownLoadProcess
DownLoadSetStatusCallback

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 950B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

052c37bd3ac9fcab548a2c6ec917d572

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

wininet

ole32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 88B

.rsrc Size: 104KB - Virtual size: 101KB

.reloc Size: 4KB - Virtual size: 950B

.text
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 88B

.rsrc
Size: 104KB - Virtual size: 101KB

.reloc
Size: 4KB - Virtual size: 950B