b3a6d0850a0dccb6c97048e2cfb72238e5e0525864365a92b81e306112607546

Sharing

Copy URL Twitter E-mail

General

Target

b3a6d0850a0dccb6c97048e2cfb72238e5e0525864365a92b81e306112607546
Size

112KB
MD5

3714a6a4666fb34220b5861fabce4499
SHA1

8ba812ab1152fd0005e0bc290bf9fba1220bc937
SHA256

b3a6d0850a0dccb6c97048e2cfb72238e5e0525864365a92b81e306112607546
SHA512

45515c02677a1176a4c76f361c3744dc159ff6803a6ce65ab6d10d834c518c3e8aa069f930e93382c80aa8d43d30d8d7110c4bc2c81bf4914757546c8a2d4278
SSDEEP

3072:EtX0C9NTLtYIVqzk8/xnfSoc6iASv1rjcC0Ifcn:EtEGNWIVOkwxfSojiHjr0Iu

Score

N/A

Malware Config

Signatures

Files

b3a6d0850a0dccb6c97048e2cfb72238e5e0525864365a92b81e306112607546
.dll windows x86

85a40d09a327da03c746e55b7f65cd23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
QueryDosDeviceW
FreeLibrary
VerLanguageNameA
LoadLibraryA
EnumSystemCodePagesA
SetConsoleInputExeNameA
SetHandleCount
GetProcAddress
GetAtomNameA
FindFirstFileA
GetSystemTime
GetModuleFileNameA
GetLocalTime
GetConsoleAliasExesW
GetConsoleDisplayMode
WriteTapemark
GetHandleInformation
GetTickCount
SetLocaleInfoA
GetModuleHandleA
GetVersion
VirtualAlloc

comctl32

FlatSB_GetScrollPos
ImageList_Read
InitializeFlatSB
ImageList_AddIcon
ImageList_SetOverlayImage
ImageList_LoadImageW
ImageList_Draw
ImageList_DragShowNolock
CreatePropertySheetPageW
FlatSB_GetScrollProp
DrawStatusTextW
ImageList_DragEnter
ImageList_SetBkColor
ImageList_GetImageInfo
ord6
_TrackMouseEvent
CreateToolbarEx
ord16
ImageList_Add
ImageList_GetImageCount
ord17
CreateStatusWindowW
ImageList_Copy
ImageList_SetFilter
ImageList_Remove
ord8
ord5
ImageList_Destroy
ImageList_AddMasked
FlatSB_SetScrollInfo
ImageList_Merge
CreatePropertySheetPageA
FlatSB_ShowScrollBar
ImageList_Write
ImageList_SetDragCursorImage
ImageList_Duplicate
InitCommonControlsEx
ImageList_SetIconSize
ord15
UninitializeFlatSB
FlatSB_GetScrollRange
ord2
DestroyPropertySheetPage
FlatSB_EnableScrollBar
ImageList_GetImageRect
FlatSB_SetScrollPos
ImageList_DrawEx
ord3
ord4
ImageList_GetIconSize
ImageList_BeginDrag
FlatSB_SetScrollRange
ImageList_GetBkColor
PropertySheetW
ImageList_ReplaceIcon
ImageList_Replace
ord7
ImageList_DrawIndirect
ord13
PropertySheetA
ImageList_GetDragImage
FlatSB_SetScrollProp

shell32

Shell_NotifyIconW
StrNCmpA
ExtractIconW
SHGetMalloc
ord179
StrCmpNIW
SHGetFileInfoA
SheGetDirA
SHQueryRecycleBinW
DragQueryFileW
ExtractAssociatedIconA
StrNCmpIA
SheChangeDirExW
DoEnvironmentSubstW
SHEmptyRecycleBinA
ExtractAssociatedIconExW
DragFinish
SHFreeNameMappings
SHGetDataFromIDListW
SHInvokePrinterCommandW
CommandLineToArgvW
StrCmpNW
ExtractAssociatedIconExA
StrRChrIW
SheChangeDirA
ShellAboutW
StrStrA
SHGetPathFromIDListA
WOWShellExecute
SHGetSpecialFolderPathA
StrRChrIA
StrCmpNA
Shell_NotifyIconA
StrRStrIA
SHInvokePrinterCommandA
FindExecutableA
SHUpdateRecycleBinIcon
SHBrowseForFolderA
ExtractIconExA
FindExecutableW
StrRStrA
SHAddToRecentDocs
CheckEscapesW
SHGetSettings
DragQueryFileA
DragAcceptFiles
SHEmptyRecycleBinW
DuplicateIcon
DragQueryFileAorW
DragQueryPoint
StrChrIW
StrNCmpW
StrChrA
InternalExtractIconListA
ExtractIconExW
ord180
SHGetSpecialFolderPathW
StrChrW
SheSetCurDrive
ShellAboutA
SHGetInstanceExplorer
SHAppBarMessage
StrStrIW
RegenerateUserEnvironment
StrRChrA
SHGetSpecialFolderLocation
SHGetDesktopFolder

version

GetFileVersionInfoA
VerFindFileA
VerInstallFileA
VerInstallFileW

msvcrt

_ismbstrail
fputc
_isatty
_wchmod
_mbsdup
_CIatan2
_wstrtime
fwprintf
vswprintf
_mbsncpy
fseek
_fgetwchar
swscanf
_setmaxstdio
feof
__lc_codepage
_mbctohira
fread
_strerror
fprintf
_safe_fdiv
__p__iob
_stricoll
setlocale
_wcmdln
_outpd
__CxxFrameHandler
_wcslwr
_mbsnbset
_execlp
_wexecvpe
fsetpos
_unlink
_setmbcp
fputws
_wexecve
fopen
towlower
fclose
sprintf
ftell
_ismbckata
_mbsnbcoll
_mbscoll
fputs
printf
memset
_ismbbpunct
fwrite
ferror

Exports

Exports

Dwzpmfuzzo
Eaoyilup
Kxvuyt
Ntlbquf
Ryacpctjjt
Rzyyj
Wwswp
Yvgnkhobk

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85a40d09a327da03c746e55b7f65cd23

Headers

File Characteristics

Imports

kernel32

comctl32

shell32

version

msvcrt

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 52KB - Virtual size: 50KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 52KB - Virtual size: 50KB

.reloc
Size: 8KB - Virtual size: 5KB