ee2600669ccccf262b93da1a4f0525a51d0a8855b9032aa9ae3eeb0ff76f82e3

Sharing

Copy URL

Twitter E-mail

General

Target

ee2600669ccccf262b93da1a4f0525a51d0a8855b9032aa9ae3eeb0ff76f82e3
Size

426KB
MD5

0fd02a843297d08c69a8c24ca15ee8d1
SHA1

00cdf1d8a95bda61498cb8034cdcd60729ff2be3
SHA256

ee2600669ccccf262b93da1a4f0525a51d0a8855b9032aa9ae3eeb0ff76f82e3
SHA512

2fb4ef025fdbd7e1372028896805158828d38c39baee510c4e1e98500adae61d2f85212b53590a7e4370a139c7c7e619b8ca1e3ab1120528aff84797ad3a49fd
SSDEEP

12288:uL4dM7slGplnA+0/ULDFCGf4NGxapwJZMhFg:Gv9l90MLDoi4NGxxJqFg

Score

N/A

Malware Config

Signatures

Files

ee2600669ccccf262b93da1a4f0525a51d0a8855b9032aa9ae3eeb0ff76f82e3
.dll windows x86

eab3dddd7fd3e4f1bdfdc98729fed2cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetQueryDataAvailable
InternetSetStatusCallbackW
InternetSetOptionW
InternetReadFile
InternetQueryOptionW
HttpAddRequestHeadersA
InternetOpenW
InternetConnectW
InternetCloseHandle
HttpSendRequestW
HttpOpenRequestW
HttpQueryInfoW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

rpcrt4

UuidCreate
RpcStringFreeW
UuidToStringW
UuidFromStringW

advapi32

CloseServiceHandle
StartServiceW
SetTokenInformation
SetSecurityDescriptorSacl
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
QueryServiceStatusEx
OpenServiceW
OpenSCManagerW
OpenProcessToken
LookupPrivilegeValueW
InitializeSecurityDescriptor
GetUserNameW
FreeSid
AdjustTokenPrivileges
AllocateAndInitializeSid
CheckTokenMembership
ControlService
CreateProcessAsUserW
DuplicateTokenEx

user32

SetWindowPos
SetTimer
SetForegroundWindow
SetDlgItemTextW
SetActiveWindow
SendMessageW
PostMessageW
OffsetRect
MessageBoxW
LoadStringW
wsprintfW
KillTimer
IsWindow
GetWindowRect
SetWindowTextW
GetParent
GetDlgItemTextW
GetDlgItem
GetDesktopWindow
GetClientRect
ExitWindowsEx
EndDialog
EnableWindow
DialogBoxParamW
DestroyWindow
CreateWindowExW
CreateDialogParamW
CopyRect
BringWindowToTop
GetSystemMetrics
ShowWindow
LoadImageW

ole32

CoUninitialize
CoInitializeEx

shell32

SHGetFolderPathW
ShellExecuteExW
ShellExecuteW
CommandLineToArgvW
SHCreateDirectoryExW

kernel32

TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
TerminateProcess
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
SystemTimeToFileTime
VirtualFree
SetUnhandledExceptionFilter
SetStdHandle
SetLastError
SetHandleCount
SetFilePointer
SetEvent
SetErrorMode
SetEnvironmentVariableA
SetEndOfFile
SearchPathW
RtlUnwind
ResetEvent
ReleaseMutex
ReadFile
RaiseException
QueryPerformanceCounter
Process32NextW
Process32FirstW
OutputDebugStringW
OpenProcess
OpenMutexW
OpenEventA
MultiByteToWideChar
MoveFileW
MoveFileExW
LocalFree
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidLocale
IsValidCodePage
IsDebuggerPresent
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
AllocConsole
CancelIo
CloseHandle
CompareStringA
CompareStringW
CopyFileW
CreateEventA
CreateEventW
CreateFileA
CreateMutexW
CreateProcessW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileW
DisconnectNamedPipe
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExW
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapCreate

shlwapi

PathCompactPathExW

gdi32

CreateSolidBrush
SetBkColor

Exports

Exports

FileFlags
GetItem
GetSelf
Member_SetOne

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eab3dddd7fd3e4f1bdfdc98729fed2cd

Headers

File Characteristics

Imports

wininet

version

rpcrt4

advapi32

user32

ole32

shell32

kernel32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 249KB - Virtual size: 249KB

.data Size: 70KB - Virtual size: 71KB

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 249KB - Virtual size: 249KB

.data
Size: 70KB - Virtual size: 71KB

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 4KB - Virtual size: 4KB