679dd4aff539606380fa0f9d4a5955285c333f583f6472398e52a21f3bd48bd4

Sharing

Copy URL Twitter E-mail

General

Target

679dd4aff539606380fa0f9d4a5955285c333f583f6472398e52a21f3bd48bd4
Size

821KB
MD5

2e09d2aee85f953f5592cd6b15fbef70
SHA1

3d585ef3a42921a0c9f58f8d016e0528f1a1633f
SHA256

679dd4aff539606380fa0f9d4a5955285c333f583f6472398e52a21f3bd48bd4
SHA512

38eaab4a2a66d513e78aec04002e78f95ecf3e0dfe30515f2e73bb7c534332f6f15b7b406f75c4958963f2329fbfba0afc88bf315914e13de632d0228a98a989
SSDEEP

24576:+1VO8PRrcHw70nMj/8SV9lJhElz5Sg6Ttb+7Kh:AO8PFqMjkiIz5N6

Score

N/A

Malware Config

Signatures

Files

679dd4aff539606380fa0f9d4a5955285c333f583f6472398e52a21f3bd48bd4
.dll windows x86

c833b1477c0caa2ab016de0e56eeb9c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
UnhandledExceptionFilter
GlobalAddAtomA
FreeEnvironmentStringsA
GlobalGetAtomNameA
CreateFileA
GetStringTypeA
IsValidCodePage
GetEnvironmentStringsW
GetFileAttributesA
WriteConsoleW
GetFileTime
SetErrorMode
CreateDirectoryA
GetLastError
RtlUnwind
SetCurrentDirectoryA
SetEnvironmentVariableA
TerminateProcess
LoadResource
ConvertDefaultLocale
GetCurrentThreadId
lstrcmpW
GetConsoleOutputCP
GetCurrentProcessId
GetPrivateProfileStringA
SetFilePointer
EnumResourceLanguagesA
GetThreadLocale
SetEndOfFile
EnterCriticalSection
TlsAlloc
GetFileSize
LockFile
FormatMessageA
WriteConsoleA
WriteFile
SetStdHandle
GetVersionExA
FileTimeToLocalFileTime
InterlockedDecrement
LCMapStringA
GetConsoleCP
LocalAlloc
lstrlenA
GlobalAlloc
RaiseException
SetHandleCount
HeapReAlloc
QueryPerformanceCounter
TlsSetValue
IsDebuggerPresent
GetSystemInfo
MulDiv
lstrcmpA
DeleteCriticalSection
FreeResource
InitializeCriticalSection
GetTimeZoneInformation
GlobalFindAtomA
WideCharToMultiByte
TlsFree
FileTimeToSystemTime
CreateThread
HeapAlloc
GetModuleFileNameA
CompareStringA
SetLastError
GlobalReAlloc
GetFileSizeEx
WritePrivateProfileStringA
VirtualProtect
GlobalHandle
CopyFileA
GlobalFlags
GetACP
InterlockedExchange
SizeofResource
InterlockedIncrement
LeaveCriticalSection
Sleep
DeleteFileA
GetLocaleInfoA
GetSystemTimeAsFileTime
TlsGetValue
GlobalLock
HeapCreate
GetTickCount
WinExec
LocalFree
FreeEnvironmentStringsW
FindClose
FindResourceA
GetFullPathNameA
WaitForSingleObject
GetStringTypeW
GetCurrentThread
VirtualQuery
SetUnhandledExceptionFilter
LocalReAlloc
InitializeCriticalSectionAndSpinCount
DuplicateHandle
GetProcessHeap
GetModuleHandleW
FreeLibrary
ReadFile
VirtualAlloc
LCMapStringW
HeapSize
GetCPInfo
GetOEMCP
GetFileType
GetVolumeInformationA
VirtualFree
GetModuleFileNameW
GlobalDeleteAtom
LockResource
MultiByteToWideChar
CompareStringW
HeapFree
GlobalUnlock
FindFirstFileA
FlushFileBuffers
UnlockFile
CloseHandle
GlobalFree
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetStdHandle
GetStartupInfoA
GetConsoleMode
GetCurrentProcess
ReadConsoleA
GetCommandLineA
ExitProcess

user32

GetCapture
RemovePropA
CheckMenuItem
SetWindowContextHelpId
SendMessageA
GetTopWindow
GetSystemMetrics
GetMenuCheckMarkDimensions
GetMessagePos
CopyRect
SetPropA
IsWindowEnabled
IsRectEmpty
IsWindow
SetMenu
UpdateWindow
MoveWindow
GetWindowTextA
SetCapture
DestroyWindow
GetWindow
CreateDialogIndirectParamA
SetWindowPos
ShowWindow
GetSysColorBrush
SetFocus
GetClassLongA
UnhookWindowsHookEx
EndPaint
GetMenuItemCount
DrawTextExA
CallWindowProcA
GetCursorPos
DispatchMessageA
PostMessageA
GetPropA
GetForegroundWindow
GetWindowRect
GetDesktopWindow
IsChild
EqualRect
CharNextA
TabbedTextOutA
SetActiveWindow
GetLastActivePopup
GetSubMenu
RegisterWindowMessageA
GetNextDlgGroupItem
GetMenuItemID
SetForegroundWindow
AdjustWindowRectEx
CallNextHookEx
WinHelpA
BeginPaint
GrayStringA
PtInRect
GetClientRect
GetClassInfoExA
LoadBitmapA
InvalidateRgn
GetMenuState
GetWindowPlacement
GetNextDlgTabItem
SetWindowLongA
PostThreadMessageA
SetCursor
GetMessageTime
GetKeyState
GetParent
InvalidateRect
GetClassNameA
IsWindowVisible
GetClassInfoA
GetSysColor
LoadIconA
CopyAcceleratorTableA
OffsetRect
ValidateRect
ClientToScreen
GetDC
IsIconic
EnableMenuItem
ReleaseDC
CharUpperA
MapWindowPoints
LoadCursorA
PeekMessageA
ModifyMenuA
GetWindowDC
SetWindowTextA
ReleaseCapture
IsDialogMessageA
GetWindowThreadProcessId
GetDlgCtrlID
IntersectRect
SystemParametersInfoA
CreateWindowExA
RegisterClassA
GetMenu
SetWindowsHookExA
DrawTextA
TranslateMessage
SendDlgItemMessageA
EndDialog
MapDialogRect
GetDlgItem
GetMessageA
UnregisterClassA
SetRect
SetMenuItemBitmaps
RegisterClipboardFormatA
PostQuitMessage
GetWindowLongA
MessageBeep
EnableWindow
DefWindowProcA
GetFocus
GetActiveWindow
MessageBoxA
DestroyMenu

gdi32

CreateRectRgnIndirect
GetMapMode
SetBkColor
DeleteDC
TextOutA
SetTextColor
GetDeviceCaps
Escape
SetViewportOrgEx
SetMapMode
RestoreDC
RectVisible
ScaleWindowExtEx
GetViewportExtEx
SelectObject
GetObjectA
GetRgnBox
ExtSelectClipRgn
CreateICA
CreateBitmap
SetWindowExtEx
DeleteObject
PtVisible
SaveDC
ScaleViewportExtEx
OffsetViewportOrgEx
GetTextColor
SetViewportExtEx
GetWindowExtEx
GetClipBox
ExtTextOutA
GetStockObject
GetBkColor

comdlg32

GetFileTitleA

advapi32

RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegCloseKey

shell32

SHGetFileInfoA

ole32

CreateILockBytesOnHGlobal
CLSIDFromString
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
OleInitialize
CoTaskMemFree
CoFreeUnusedLibraries
CoTaskMemAlloc
CoGetClassObject
CoRevokeClassObject
CLSIDFromProgID
StgOpenStorageOnILockBytes
OleFlushClipboard
CoRegisterMessageFilter
OleUninitialize

oleaut32

VariantChangeType
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime
SafeArrayDestroy
VariantClear
SysAllocStringLen
SysFreeString
VariantCopy
OleCreateFontIndirect
SystemTimeToVariantTime
VariantInit
SysAllocString

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

wininet

InternetGetLastResponseInfoA
InternetSetStatusCallback
InternetConnectA
InternetCloseHandle
FtpSetCurrentDirectoryA
FtpGetFileA
InternetOpenA

oledlg

ord8

Sections

.text
Size: 802KB - Virtual size: 801KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c833b1477c0caa2ab016de0e56eeb9c1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

wininet

oledlg

Sections

.text Size: 802KB - Virtual size: 801KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 67KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 802KB - Virtual size: 801KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 67KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB