834ebd5d1e9e61c033ad980283903524beafeddd2a7d6db09e023215b5d72672

Sharing

Copy URL

Twitter E-mail

General

Target

834ebd5d1e9e61c033ad980283903524beafeddd2a7d6db09e023215b5d72672
Size

360KB
MD5

d7bc84566cc0d22c97a4b11b809decf9
SHA1

6da5ed01ae8ca0fc1e00b88309d390aa688c7f26
SHA256

834ebd5d1e9e61c033ad980283903524beafeddd2a7d6db09e023215b5d72672
SHA512

274249c88528d1afbd1a9d606082441e21d860c31b79a4f79086de84af27923ebf097db3ee85613867ce75efcc8c435ee7afa2dacd213bb70fc544cedb0153f4
SSDEEP

3072:BNrBX+YUqM53WXrq1WfHk27mLWMwo4nAk9BSPXKMPxTcZL0vqA5Le:BNrB8poWP27UwxAk3HX0ym

Score

N/A

Malware Config

Signatures

Files

834ebd5d1e9e61c033ad980283903524beafeddd2a7d6db09e023215b5d72672
.dll windows x86

f4f9d629843e6cf139882fe9a06e5047

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
CloseHandle
CreateDirectoryW
CreateFileA
GetVersionExW
WaitForSingleObject
TerminateThread
ResetEvent
CreateEventW
CreateThread
SetEvent
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
UnmapViewOfFile
CreateMutexW
CreateFileMappingW
MapViewOfFile
VirtualAlloc
ReleaseMutex
OpenFileMappingW
WaitForMultipleObjects
DuplicateHandle
OpenMutexW
LocalFree
FindResourceW
LocalAlloc
lstrcmpA
GetSystemTimeAsFileTime
SetThreadPriority
GetCurrentThread
GetTimeZoneInformation
LoadLibraryExW
Sleep
WriteFile
SetEndOfFile
SetFilePointer
FlushFileBuffers
GlobalSize
HeapFree
GetProcessHeap
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetEnvironmentVariableA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
lstrcpynA
GetFullPathNameW
lstrlenA
AreFileApisANSI
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FileTimeToSystemTime
GetTempPathW
GetCurrentThreadId
GetCurrentProcess
DisableThreadLibraryCalls
InterlockedDecrement
InterlockedIncrement
OutputDebugStringA
LoadLibraryW
GetLastError
GetModuleHandleW
GetModuleHandleA
SetLastError
SetErrorMode
GetFileAttributesW
GetModuleFileNameW
GetVersion
GetTickCount
FreeLibrary
GetProcAddress
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
RtlUnwind
GetVersionExA
GetCommandLineA
HeapReAlloc
HeapAlloc

user32

GetDC
GetWindowLongW
LoadImageW
KillTimer
FindWindowExW
IsDlgButtonChecked
CheckDlgButton
CheckRadioButton
DialogBoxParamW
EndDialog
SetWindowPos
GetWindowRect
GetDesktopWindow
SetWindowTextW
GetDlgItem
CloseClipboard
OpenClipboard
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
PeekMessageW
SetTimer
SendMessageW
MessageBoxW
LoadStringW
EnumClipboardFormats
CountClipboardFormats
GetSysColor
SetClipboardData
EmptyClipboard
ReleaseDC
EnumChildWindows
GetClipboardData

gdi32

DeleteDC
GetDIBColorTable
SelectObject
CreateCompatibleDC
DeleteObject
GetObjectW
CreateBitmap

advapi32

RegQueryValueExA
RegOpenKeyA
FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegDeleteValueW
RegEnumKeyW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteKeyA
EqualSid

shell32

ord680
SHGetPathFromIDListW
SHGetMalloc
SHGetPathFromIDListA
SHGetDesktopFolder
ShellExecuteExW

ole32

StgCreateDocfile
WriteClassStg
CoUninitialize
CoInitializeEx

oleaut32

VariantChangeType
VariantClear
VariantCopy
OleCreatePictureIndirect
VariantInit
SysFreeString
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
ExchEntryPoint

Sections

.text
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4f9d629843e6cf139882fe9a06e5047

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 280KB - Virtual size: 280KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 20KB - Virtual size: 18KB

.text
Size: 280KB - Virtual size: 280KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 20KB - Virtual size: 18KB