8b72bed88a4bd01da7a54482a54bbb0cfdab3552e7ac4c0d37c8a6e89a1acd4c

Sharing

Copy URL Twitter E-mail

General

Target

8b72bed88a4bd01da7a54482a54bbb0cfdab3552e7ac4c0d37c8a6e89a1acd4c
Size

34KB
MD5

6da5f8eb682f8c86c953781018e4aeea
SHA1

195e4cbdfe7badeb383e62a24287b066f5354400
SHA256

8b72bed88a4bd01da7a54482a54bbb0cfdab3552e7ac4c0d37c8a6e89a1acd4c
SHA512

0a0109060de8f0704aa102fe648726b14789ea0d02ae08615cb70adf3da03b8152b1ad83e48834b7c2bdb8bbad550e19187b7a72121de6b35e3bd633b738f860
SSDEEP

768:F4gCSmn+mOUE8qNYqlywsvIqgLa1F2YAm:nLmraYqlywjLaL2YAm

Score

N/A

Malware Config

Signatures

Files

8b72bed88a4bd01da7a54482a54bbb0cfdab3552e7ac4c0d37c8a6e89a1acd4c
.dll windows x86

720058e86dab954fc9d7d2a2a487a152

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipSaveImageToStream
GdiplusStartup
GdipLoadImageFromStream
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipDisposeImage

crypt32

CryptUnprotectData

gdi32

SelectObject
GetPixel
GetObjectA
GetDIBits
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap

wsock32

connect
getpeername
inet_ntoa
WSASetLastError
send

wininet

InternetOpenA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA

shell32

ord680
Shell_NotifyIconA
SHGetSpecialFolderPathA

advapi32

CryptCreateHash
CryptDestroyHash
RegQueryInfoKeyA
CryptAcquireContextA
CryptHashData
CryptReleaseContext
GetCurrentHwProfileA
GetUserNameA
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegNotifyChangeKeyValue
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
CryptGetHashParam

user32

GetWindowTextA
GetWindowRect
GetWindowLongA
GetWindowDC
GetParent
GetFocus
GetClassNameA
IsWindow
EnumWindows
EnumChildWindows
DestroyWindow
DefWindowProcA
CharLowerBuffA
CallWindowProcA
CallNextHookEx
wsprintfA
MessageBoxA
PostMessageA
SetWindowLongA
SetWindowTextA
SetWindowsHookExA
ShowWindow
FindWindowExA
SendMessageA

kernel32

VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
lstrcatA
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
GetLocalTime
VirtualAlloc
UnmapViewOfFile
Sleep
SetFileTime
SetFilePointer
SetFileAttributesA
SetEvent
RtlZeroMemory
RtlMoveMemory
RtlFillMemory
ResetEvent
OpenEventA
MoveFileExA
MoveFileA
MapViewOfFile
LoadLibraryA
GetWindowsDirectoryA
GetLastError
GetVolumeInformationA
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
CloseHandle
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateThread
DeleteFileA
DeviceIoControl
ExitProcess
ExitThread
FreeLibrary
GetComputerNameA
GetDriveTypeA
GetFileAttributesA
GetFileSize
GetFileTime
GetModuleFileNameA

shlwapi

StrToIntA
StrStrIA
PathFindFileNameA
StrStrA

ole32

CreateStreamOnHGlobal
CoInitialize

ntdll

RtlCompareMemory

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

720058e86dab954fc9d7d2a2a487a152

Headers

File Characteristics

Imports

gdiplus

crypt32

gdi32

wsock32

wininet

shell32

advapi32

user32

kernel32

shlwapi

ole32

ntdll

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB