0b84e560861f74c7a8c8fac7ee13dbefe023a50ea4619fb95b1ac578401c229d

Sharing

Copy URL

Twitter E-mail

General

Target

0b84e560861f74c7a8c8fac7ee13dbefe023a50ea4619fb95b1ac578401c229d
Size

156KB
MD5

85c895746117ddd1cb6dc17b3bb148d0
SHA1

49ef0e383cdf6242f91f5f81895ac78adcf7ea73
SHA256

0b84e560861f74c7a8c8fac7ee13dbefe023a50ea4619fb95b1ac578401c229d
SHA512

b56d938a00601f67c7325f28cb069610934ae4dff13b5c89d49d4dc5f2a684bf5dba908bb5a267f8b0c6dba801ddb8bfb76cfa023bddd0caa7147507ee7ee408
SSDEEP

3072:06bm/SIyleFtOBUe5rOE8AYOtPSoZ/V0WApcHf7F:aSIylwWrr8AYOtR0WB

Score

N/A

Malware Config

Signatures

Files

0b84e560861f74c7a8c8fac7ee13dbefe023a50ea4619fb95b1ac578401c229d
.dll windows x86

65c6290af26ca6e5c997180b49ba1b5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
SetFilePointer
GetCurrentProcess
HeapAlloc
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
RaiseException
HeapSize
HeapReAlloc
GetACP
GetOEMCP
LeaveCriticalSection
GetCPInfo
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetCommTimeouts
GetCommState
SetupComm
SetCommState
SetCommMask
WriteFile
CloseHandle
CreateThread
GetProcessVersion
GetLastError
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
WritePrivateProfileStringA
GlobalFlags
MulDiv
lstrlenA
lstrcpynA
SetErrorMode
InterlockedDecrement
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
TlsFree
CreateMutexA
SetThreadPriority
HeapCreate
InitializeCriticalSection
Sleep
DeleteCriticalSection
TlsAlloc
LoadLibraryA
LocalFree
LocalAlloc
lstrcatA
FreeLibrary
GetVersion
GlobalFindAtomA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalUnlock
GetModuleHandleA
GetProcAddress
FindResourceA
GlobalFree
LockResource
LoadResource
GetModuleFileNameA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
GetCurrentThread
lstrcmpA
lstrcmpiA
GetCommModemStatus
GetCurrentThreadId
EscapeCommFunction
ReadFile
WaitForSingleObject
PurgeComm
CreateFileA
ClearCommError
ReleaseMutex
VirtualFree
GetCommTimeouts
HeapDestroy
lstrcpyA

user32

CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
LoadIconA
CheckDlgButton
IsDlgButtonChecked
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
UnregisterClassA
GetClassNameA
PtInRect
ClientToScreen
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetSysColorBrush
DestroyMenu
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
GetMenuItemCount
GetSubMenu
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
EndDialog
SetActiveWindow
IsWindow
GetSystemMetrics
DestroyWindow
GetDlgItem
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SetCursor
PostQuitMessage
GetWindowRect
GetMenu
RegisterClassA
GetMenuItemID
EnableWindow
MessageBeep
PostMessageA
LoadStringA
MessageBoxA
SendMessageA
LoadBitmapA
GetMenuCheckMarkDimensions
CreateDialogIndirectParamA

gdi32

SetBkColor
GetObjectA
SetTextColor
DeleteDC
DeleteObject
RestoreDC
SelectObject
SaveDC
GetStockObject
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetClipBox

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

comctl32

ord17

Exports

Exports

AG_AllReg
AG_BpInfo
AG_BreakFunc
AG_GoStep
AG_HistFunc
AG_Init
AG_MemAcc
AG_MemAtt
AG_RegAcc
AG_Serial
DllUv3Cap
EnumUv351

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65c6290af26ca6e5c997180b49ba1b5f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 12KB - Virtual size: 92KB

.rsrc Size: 20KB - Virtual size: 16KB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 12KB - Virtual size: 92KB

.rsrc
Size: 20KB - Virtual size: 16KB

.reloc
Size: 16KB - Virtual size: 12KB