2ab18e00488ed473c8f3ec0ef19b5ccb61e54018b7920cccecf9e9a83d44d224

Sharing

Copy URL Twitter E-mail

General

Target

2ab18e00488ed473c8f3ec0ef19b5ccb61e54018b7920cccecf9e9a83d44d224
Size

202KB
MD5

93d05e9bf7889aa12ce60ff8457d306e
SHA1

0cd036333a977db3a55c9a8628b4fe63d32ba5d1
SHA256

2ab18e00488ed473c8f3ec0ef19b5ccb61e54018b7920cccecf9e9a83d44d224
SHA512

687282439635995c6f87c12d7ff406215c69a39ee7ff6fe6a3a3c8c9ecbf32f6f28b30576dc11587a4418aec2b0bef86e37e8e5f961f3bc6b99248cbad252a8d
SSDEEP

3072:saov7nKWiHCIMqH3DQCSYozM5h7yigjfXgzGYmwH58/Ebng3:k7GHCIMa3DQrM5RaHYmw6/EM3

Score

N/A

Malware Config

Signatures

Files

2ab18e00488ed473c8f3ec0ef19b5ccb61e54018b7920cccecf9e9a83d44d224
.dll windows x86

c0f11d7df0345b3dd24fbf72f6fe66ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

AccessibleObjectFromPoint

kernel32

InterlockedDecrement
InitializeCriticalSection
SizeofResource
LeaveCriticalSection
lstrlenW
RaiseException
EnterCriticalSection
lstrcmpiW
DeleteCriticalSection
CreateFileA
ReadFile
GetProcessHeap
SetEndOfFile
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
CreateFileW
GetLocaleInfoA
InterlockedIncrement
GetStringTypeW
GetStringTypeA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
GetConsoleMode
GetConsoleCP
LCMapStringW
WideCharToMultiByte
LCMapStringA
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
LoadLibraryExW
LoadResource
FindResourceW
GlobalUnlock
GlobalSize
GlobalLock
GlobalFree
WriteProcessMemory
GetLastError
MultiByteToWideChar
GetCurrentThreadId
GetTickCount
GetCurrentProcessId
CreateThread
FreeLibrary
WaitForSingleObject
LoadLibraryW
CreateEventW
Sleep
GetModuleFileNameW
GetModuleHandleA
CloseHandle
GetCurrentProcess
GetModuleHandleW
GetProcAddress
GetVersionExW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapDestroy
HeapCreate
VirtualAlloc
VirtualFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetCommandLineA
GetFileAttributesW
GetSystemTimeAsFileTime
HeapFree
HeapReAlloc
HeapAlloc

user32

CopyRect
PostMessageW
GetClassNameW
SendMessageTimeoutW
GetForegroundWindow
IsWindow
wsprintfW
GetWindowRect
GetCursorPos
SetRect
CharNextW
GetClassInfoW
ReleaseDC
GetWindowTextW
GetDC
EqualRect
ScreenToClient
GetMessageW
WindowFromPoint
GetClientRect
TranslateMessage
SetRectEmpty
OffsetRect
IntersectRect
UnionRect
InvalidateRect
RedrawWindow
UpdateWindow
ChildWindowFromPoint
DispatchMessageW
GetParent
GetWindowLongW
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetDoubleClickTime
PtInRect
IsRectEmpty
ReleaseCapture
LoadCursorW
SetCursor
SetCapture
GetKeyState
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW

gdi32

TranslateCharsetInfo
GetTextExtentPoint32W
GetTextMetricsW
LPtoDP
GetCharacterPlacementW
DeleteDC
SetPixel
GetDCOrgEx
CreateDCW
GetCharWidth32W
GetObjectType
GetCurrentPositionEx
GetTextAlign
GetNearestColor
GetPixel
GetTextFaceW
GetFontData
GetTextCharset
GetLayout

advapi32

RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumValueW

ole32

OleSaveToStream
GetHGlobalFromStream
CoCreateInstance
WriteClassStm
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemRealloc

oleaut32

SysStringByteLen
SysFreeString
VariantChangeType
VariantInit
VarUI4FromStr
SysAllocStringByteLen
SysAllocString
VariantClear

wininet

InternetSetCookieExW
InternetGetCookieExW

shlwapi

StrStrIW
PathFindFileNameW

Exports

Exports

Direct_G2A
TaskProc
_DllMain@12
_PINotify@4

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARDAT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0f11d7df0345b3dd24fbf72f6fe66ba

Headers

File Characteristics

Imports

oleacc

kernel32

user32

gdi32

advapi32

ole32

oleaut32

wininet

shlwapi

Exports

Exports

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 12KB - Virtual size: 20KB

.SHARDAT Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 12KB - Virtual size: 20KB

.SHARDAT
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 10KB