185c3e7c9eebd85bee40e5ca62e0e8130994eb5d22dfc05016f8a1ebf752dbc7

Sharing

Copy URL Twitter E-mail

General

Target

185c3e7c9eebd85bee40e5ca62e0e8130994eb5d22dfc05016f8a1ebf752dbc7
Size

216KB
MD5

aa8cc32535696b9c476dad3aa6465120
SHA1

6a4978965860da5cf205085d686d2ab3666c098d
SHA256

185c3e7c9eebd85bee40e5ca62e0e8130994eb5d22dfc05016f8a1ebf752dbc7
SHA512

4fca51db9f40b3bc0c6e4a3bb27e03f9e8835e4480f5035c794ba343c3e8013cb2875a161e07b3d41b8dadc92a453a0d5e3f3a682672a56eac10383d4dacd0f4
SSDEEP

3072:Hp9+v5hW2E9HlU0fsL4lfcej67fW50VS2rZ6BYT/7iq:HQhGULqfy7fHQ2YE/

Score

N/A

Malware Config

Signatures

Files

185c3e7c9eebd85bee40e5ca62e0e8130994eb5d22dfc05016f8a1ebf752dbc7
.dll windows x86

dc2f61251c17a8c7ef16ffb9aae8773e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
SetStdHandle
FlushFileBuffers
GetStringTypeW
SetFilePointer
WriteFile
GetStartupInfoA
RtlUnwind
HeapValidate
HeapDestroy
VirtualProtect
SleepEx
WaitForSingleObjectEx
TlsAlloc
TlsGetValue
CreateMutexA
CreateSemaphoreW
CreateSemaphoreA
CreateFileA
LCMapStringW
LCMapStringA
GetStringTypeA
GetLocaleInfoA
HeapSize
HeapReAlloc
VirtualAlloc
IsValidCodePage
GetCPInfo
InitializeCriticalSection
IsDebuggerPresent
HeapCreate
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetFileType
GetStdHandle
SetHandleCount
TlsFree
TlsSetValue
ExitProcess
GetCommandLineA
GetVersion
GetConsoleOutputCP
DisableThreadLibraryCalls
InterlockedDecrement
GetExitCodeProcess
GetExitCodeThread
CreateMutexW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
ReleaseMutex
SetLastError
GetWindowsDirectoryW
GetModuleFileNameW
CloseHandle
ReleaseSemaphore
HeapFree
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
HeapAlloc
GetProcessHeap
GetProfileIntA
WideCharToMultiByte
lstrcpyW
GetModuleHandleW
GetLastError
UnhandledExceptionFilter
QueryPerformanceCounter
FreeLibrary
ProcessIdToSessionId
IsBadReadPtr
ResetEvent
Sleep
IsBadWritePtr
CreateEventW
CreateThread
SetThreadPriority
DeleteCriticalSection
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
WriteConsoleW
lstrlenW
FreeEnvironmentStringsW
GetModuleHandleA
MultiByteToWideChar
FindFirstFileW
CompareFileTime
LocalAlloc
SetErrorMode
GetSystemDirectoryW
CreateFileW
SetEvent
SetFileAttributesW
FindNextFileW
GetTempFileNameW
CopyFileW
DeleteFileW
LocalFree
lstrcpynW
GetCurrentDirectoryA
InterlockedCompareExchange
ExitThread

user32

GetWindowLongA
GetWindowThreadProcessId
LoadCursorW
GetSysColorBrush
InvalidateRgn
LoadStringW
LoadIconW
EndDialog
DefWindowProcW
GetDlgItem
GetParent
EnableWindow
GetWindowLongW
UnregisterClassW
BeginPaint
GetClientRect
IsWindow
SetWindowPos
GetClassNameW
SetForegroundWindow
GetSystemMetrics
GetWindowRect
ReleaseDC
CallWindowProcW
WaitForInputIdle

winspool.drv

GetPrinterDriverW
AddPrinterDriverW
GetPrinterW
OpenPrinterW

advapi32

RegSaveKeyW
GetFileSecurityW
RegUnLoadKeyW
RegEnumKeyExW
SetFileSecurityW
SetServiceStatus
OpenSCManagerW
OpenServiceW
StartServiceW
CloseServiceHandle
RegOpenKeyW
RegOpenKeyExA
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegFlushKey
RegLoadKeyW

ole32

CLSIDFromString
StringFromGUID2
CoCreateInstance

msvcrt

malloc
swprintf
wcsncat
wcslen
wcsncpy
fflush
fputs
wcscpy
srand
wcsstr
wcsrchr
wcschr
free
exit
fgetwc
iswspace
vfwprintf
fprintf

shlwapi

wnsprintfW

winmm

mixerGetLineControlsW
timeGetTime
mixerGetID
waveOutGetDevCapsA
waveInGetDevCapsW
mixerSetControlDetails
waveOutSetVolume

rpcrt4

UuidToStringW

urlmon

CoInternetCreateSecurityManager

Exports

Exports

AnyConsidered
BeingYouUpRun
DirectlyAcquireUsersTo
ForCALsIdentified
ForOrOr
ForTwoOtherwiseBe
InternetDevicesSoftwareBladeAssign
NotTheThe
YouAIs

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc2f61251c17a8c7ef16ffb9aae8773e

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

ole32

msvcrt

shlwapi

winmm

rpcrt4

urlmon

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 13KB

.idata Size: 8KB - Virtual size: 6KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 48KB - Virtual size: 195KB

.rsrc Size: 16KB - Virtual size: 12KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 13KB

.idata
Size: 8KB - Virtual size: 6KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 48KB - Virtual size: 195KB

.rsrc
Size: 16KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 1KB