5345a9405212f3b8ef565d5d793e407ae8db964865a85c97e096295ba3f39a78

Sharing

Copy URL Twitter E-mail

General

Target

5345a9405212f3b8ef565d5d793e407ae8db964865a85c97e096295ba3f39a78
Size

332KB
MD5

114db69a015077a71908bfff4e126863
SHA1

7483eb93e86a6c5344142342d1124da33e9866f6
SHA256

5345a9405212f3b8ef565d5d793e407ae8db964865a85c97e096295ba3f39a78
SHA512

ef52d5b72b054c52c6c54406bb5c2e780a4070a7dc3ec60f1251ac949f7c9bc20ac3e4397992d65daff66db3142efe4ea3613fe5f6f218dbb77c624906abbd76
SSDEEP

6144:AvO69Sv6nt7XS34XyZfrwsNJ1MLlSifCoh4pKew0RDqT:AvOGSvK7XG9wsL1kSKVSpKd0uT

Score

N/A

Malware Config

Signatures

Files

5345a9405212f3b8ef565d5d793e407ae8db964865a85c97e096295ba3f39a78
.dll windows x86

673ff4ad8574416d070b62d3e0b9dc30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetLastActivePopup
SetPropW
ShowOwnedPopups
RemovePropW
DrawFocusRect
wsprintfW
IsWindow

kernel32

TerminateProcess
UnhandledExceptionFilter
DeactivateActCtx
GetLastError
GetCurrentThreadId
InterlockedCompareExchange
EnumDateFormatsExA
GetProfileStringA
CreateToolhelp32Snapshot
LeaveCriticalSection
CompareStringW
IsBadWritePtr
GetCurrentProcess
SetFileAttributesA
HeapCompact
GlobalAddAtomW
GetFileSize
CopyFileExA
WaitCommEvent
EnumResourceNamesW
GetTapePosition
GetEnvironmentVariableW
GetSystemDefaultUILanguage
VerLanguageNameA
WaitNamedPipeW
DeleteVolumeMountPointW
EnumUILanguagesA
WaitForSingleObject
WaitForMultipleObjectsEx
CreateHardLinkW
QueryDosDeviceA
GlobalFindAtomW
ReadConsoleW
PostQueuedCompletionStatus
GetNamedPipeHandleStateW
GetLogicalDriveStringsW
GetStdHandle
FileTimeToSystemTime
LocalLock
WriteTapemark
CancelWaitableTimer
IsBadStringPtrA
GetModuleHandleExA
TlsSetValue
TzSpecificLocalTimeToSystemTime
WriteFileEx
WritePrivateProfileSectionW
ReadConsoleOutputA
GetStringTypeExW
FoldStringA
GetSystemPowerStatus
SetDefaultCommConfigA
GetConsoleSelectionInfo
CreateJobObjectW
ExpandEnvironmentStringsA
GetUserDefaultUILanguage
GetQueuedCompletionStatus
GetThreadLocale
GetNativeSystemInfo
SetDefaultCommConfigW
TryEnterCriticalSection
GetProcessHeaps
SetThreadContext
ClearCommBreak
SearchPathW
ConnectNamedPipe
ReadProcessMemory
BuildCommDCBAndTimeoutsA
IsSystemResumeAutomatic
EnumResourceNamesA
GetDateFormatA
GetThreadContext
GetModuleHandleW
GetNumberFormatA
SetThreadPriorityBoost
OpenJobObjectW
WriteProfileStringW
TerminateJobObject
Module32First
OpenFile
LocalSize
SetConsoleCursorPosition
MoveFileExA
CompareFileTime
GetCPInfoExW
lstrcmpiA
OpenMutexW
GetModuleHandleA
WriteProcessMemory
CancelDeviceWakeupRequest
SetUnhandledExceptionFilter
GetCurrentDirectoryW
QueryDepthSList
SetFirmwareEnvironmentVariableA
GetConsoleFontSize
FindFirstVolumeMountPointA
FreeConsole
GetCompressedFileSizeA
BuildCommDCBAndTimeoutsW
WriteConsoleOutputCharacterW
GlobalGetAtomNameW
Process32Next
WideCharToMultiByte
GetLogicalDrives
GlobalFlags
ResetWriteWatch
TerminateThread
GetPrivateProfileIntA
DnsHostnameToComputerNameW
IsValidLocale
DeleteTimerQueueEx
RemoveDirectoryW
AllocateUserPhysicalPages
SizeofResource
GetFileTime
IsBadReadPtr
FindNextFileA
AllocConsole
OpenWaitableTimerA
WaitForMultipleObjects
SetFileApisToOEM

mprapi

MprAdminUserSetInfo
MprConfigInterfaceCreate

msvcrt

wctomb
bsearch
fopen
strcpy
memcpy
_unlock
__dllonexit
_lock
toupper
_except_handler3
memset
strxfrm
atoi
puts
tolower
ispunct
memmove
iswprint
fread
_onexit
iscntrl
wcscspn
fscanf
free
strftime
setlocale
strncat

pdh

PdhGetCounterInfoA
PdhGetCounterInfoW
PdhAddCounterA
PdhMakeCounterPathW
PdhGetCounterTimeBase

gdi32

CreateDIBPatternBrushPt

urlmon

WriteHitLogging
ReleaseBindInfo
CoInternetGetSecurityUrl
HlinkGoBack
RevokeBindStatusCallback

shell32

SHInvokePrinterCommandA
DuplicateIcon
DragQueryFileW
ExtractIconA
SHAppBarMessage
ord180

oleaut32

VarR4FromCy
VarUI4FromDisp
BSTR_UserFree
VarCyRound

Exports

Exports

barbara

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

v(add
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

673ff4ad8574416d070b62d3e0b9dc30

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

mprapi

msvcrt

pdh

gdi32

urlmon

shell32

oleaut32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.data Size: 4KB - Virtual size: 9KB

v(add Size: 232KB - Virtual size: 228KB

.rsrc Size: 32KB - Virtual size: 28KB

.reloc Size: 4KB - Virtual size: 8KB

.text
Size: 56KB - Virtual size: 55KB

.data
Size: 4KB - Virtual size: 9KB

v(add
Size: 232KB - Virtual size: 228KB

.rsrc
Size: 32KB - Virtual size: 28KB

.reloc
Size: 4KB - Virtual size: 8KB