0102a90695136a6a46adbd3a4c9bc2594da3b2e55b4498b68f31e3268d93af7b

Sharing

Copy URL Twitter E-mail

General

Target

0102a90695136a6a46adbd3a4c9bc2594da3b2e55b4498b68f31e3268d93af7b
Size

50KB
MD5

cb33add74d613d7956d49c60be41f560
SHA1

7f1a53c981093f998f5ec2d91a947edc5613efb3
SHA256

0102a90695136a6a46adbd3a4c9bc2594da3b2e55b4498b68f31e3268d93af7b
SHA512

2588b9e1d5ca62cbc5b7747402b9e012d9eee8046c63970a9bb811005a7bfc40872648938ab3cfd84b796120e375db94adedaa4d25c6034d9532ed1d8d884d40
SSDEEP

1536:L4XIGM+8/Bklrd6RrejN9Sn3If6WaJFeep6bc:atXOQjN9S3ISWaDp6bc

Score

N/A

Malware Config

Signatures

Files

0102a90695136a6a46adbd3a4c9bc2594da3b2e55b4498b68f31e3268d93af7b
.dll windows x86

ae3d56de34c7577cee9388bcfb03830b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenA
DeleteUrlCacheEntryA
HttpQueryInfoA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
HttpSendRequestW
InternetSetOptionW
HttpQueryInfoW
InternetQueryOptionW
HttpOpenRequestW
InternetOpenW
InternetConnectW
DeleteUrlCacheEntryW

ntdll

_chkstk
strncpy
memcpy
memset

gdiplus

GdipGetImagePalette
GdipCloneImage
GdipDrawImageI
GdipFree
GdipGetImageGraphicsContext
GdiplusStartup
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits

kernel32

CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetExitCodeThread
lstrcpynA
lstrcatA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrcpynW
MoveFileExW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InterlockedExchange
CreateFileMappingW
MapViewOfFile
lstrcmpiA
FreeLibrary
UnmapViewOfFile
lstrcmpW
Sleep
lstrcmpiW
FindResourceW
LoadResource
SizeofResource
LockResource
ExpandEnvironmentStringsW
CreateFileW
WriteFile
CreateThread
GetModuleFileNameW
CloseHandle
GetModuleHandleW
GetModuleHandleA
GetProcAddress
GetTempPathW
GetTempFileNameW
CopyFileW
LocalAlloc
LocalFree
CreateDirectoryW
GetStartupInfoW
GetFileSize
DeleteFileW
ReadFile
SetFilePointer
lstrlenW
GetModuleFileNameA
GetModuleHandleExW
WaitForSingleObject
GetCurrentThreadId
CreateEventW
LoadLibraryW
lstrcatW
lstrcpyA
GetTickCount
lstrlenA
SetEvent
lstrcpyW
WriteProcessMemory
VirtualProtect
GetLocalTime

user32

ToAscii
GetKeyboardState
GetWindowTextW
SetWindowsHookExA
PostThreadMessageW
GetMessageW
UnhookWindowsHookEx
PostQuitMessage
CallNextHookEx
wsprintfW
wsprintfA
IsCharAlphaNumericW
GetClassNameW

gdi32

GetStockObject
CreateDIBSection
SetDIBColorTable
GetPixel
SelectObject
GetObjectW
DeleteDC
CreateCompatibleDC

advapi32

RegOpenKeyExW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegEnumKeyExW
RegQueryValueExW
RegCloseKey

ole32

CreateStreamOnHGlobal

Exports

Exports

AetModuleFileNameExA
AetModuleFileNameExW
GetStockObject

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae3d56de34c7577cee9388bcfb03830b

Headers

DLL Characteristics

File Characteristics

Imports

wininet

ntdll

gdiplus

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB