a303d7a11031f5857442febe27df22b7f8858d7cf056981c766f0afb2bbacb5e

Sharing

Copy URL Twitter E-mail

General

Target

a303d7a11031f5857442febe27df22b7f8858d7cf056981c766f0afb2bbacb5e
Size

112KB
MD5

cd075db513f83753b8d6995ae8af2b70
SHA1

6dd98366360451f79c1dfa2d19a447dce8d6ee73
SHA256

a303d7a11031f5857442febe27df22b7f8858d7cf056981c766f0afb2bbacb5e
SHA512

b816e3fa385701e5dc2ea0933ecdd24a25b1d832a4d1b717fc30d3f30df7cc2335af5c92521be87ff3753fd6803b749dffe0ae28d5d6ecec6e779ddec561e797
SSDEEP

1536:1d+LsooCJV/jKortmM2Pg/Gyd4auYnmT3BoUKmXTnkld8dhX3CIDSNz3+J:n+LsotVrrmGbd4aajgmXjLdhXo+

Score

N/A

Malware Config

Signatures

Files

a303d7a11031f5857442febe27df22b7f8858d7cf056981c766f0afb2bbacb5e
.dll windows x86

3cf7b8058bd681e3f70cff34614d47b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PurgeComm
PeekConsoleInputA
UnlockFile
CreateJobObjectW
OutputDebugStringA
FindFirstChangeNotificationW
CreateEventW
GetSystemTime
SetComputerNameA
GetUserDefaultLCID
IsValidLocale
SetConsoleMaximumWindowSize
VerLanguageNameW
VirtualFreeEx
lstrcpyW
FreeLibrary
GetVersion
GetCommMask
CreateMailslotW
EnumResourceTypesA
lstrcatA
GetCPInfoExW
BuildCommDCBA
GlobalMemoryStatus
LocalAlloc
FindNextVolumeA
AddConsoleAliasA
GetModuleHandleA
SetMailslotInfo
ReleaseSemaphore
Process32NextW
ChangeTimerQueueTimer
GetProfileIntW
SetEvent
SearchPathA
GetCurrentProcess
GetNumberOfConsoleMouseButtons
EscapeCommFunction
FormatMessageA
ReadFile
GetHandleInformation
LoadLibraryA
WaitForSingleObject
GetLocalTime
GetProcAddress
CancelWaitableTimer
WriteProfileSectionA
WriteProfileStringA
SetConsoleTitleA
LocalUnlock
VirtualAlloc

user32

GetDialogBaseUnits
CharNextExA
SetProcessDefaultLayout
MapDialogRect
SetWindowsHookExA
OemToCharBuffA
SendNotifyMessageA
IMPGetIMEA
GetMenuBarInfo
SetMenuItemInfoW
SetCursorPos
CharLowerBuffA
LoadKeyboardLayoutA
ReleaseCapture
DdeQueryStringW
ExitWindowsEx
SetSysColors
MenuItemFromPoint
InSendMessage
CloseDesktop
MsgWaitForMultipleObjectsEx
LoadImageW
InSendMessageEx
PeekMessageA
ReleaseDC

gdi32

ExtCreatePen
CombineRgn
CreateDIBPatternBrush
EnumFontFamiliesW
GetGlyphIndicesW
EnumFontsA
DeleteDC
SetStretchBltMode
SelectObject
GetWindowOrgEx
GetLogColorSpaceW
GetNearestPaletteIndex
GetTextExtentPoint32A
PathToRegion
RemoveFontResourceExW
PolyPolyline
GetCharWidth32A
CreateRectRgnIndirect
CreateCompatibleBitmap
SetICMProfileW
GetROP2
FloodFill
GetGlyphOutlineW
CreateCompatibleDC
ExtTextOutA
Pie
SetICMProfileA
CreateDCW
GdiGetDevmodeForPage
SetPixelFormat
SetPolyFillMode
GetWorldTransform
AbortPath
LPtoDP
DPtoLP
GetLayout
CloseMetaFile
AddFontResourceExW
GetTextAlign
GetTextExtentPointI
GetRelAbs
DeleteEnhMetaFile
GetObjectA
SetBkColor
LineTo
CreatePatternBrush
GetStockObject
GetArcDirection
OffsetWindowOrgEx
RemoveFontMemResourceEx

opengl32

glTexCoord3d
glTexImage2D
wglCreateContext
glColor3sv
wglMakeCurrent
glEdgeFlag
glIndexi
wglDeleteContext
glColor4us

shell32

StrCmpNIA
StrRChrW

shlwapi

SHDeleteKeyW
SHQueryInfoKeyW
StrToIntW
PathIsSameRootA
PathFindExtensionW
PathGetArgsA
PathIsContentTypeA
SHDeleteValueA
PathBuildRootW
PathRemoveExtensionA
PathFindNextComponentW
StrCSpnIW
SHDeleteKeyA
PathStripPathA
UrlGetLocationW
StrToIntA
StrCSpnA
SHEnumValueW
PathRemoveExtensionW
PathRemoveArgsA
StrDupW
StrPBrkW
PathCreateFromUrlA
PathAddBackslashW
SHQueryInfoKeyA
PathRenameExtensionW
PathSkipRootW
SHEnumKeyExA
SHRegQueryInfoUSKeyW
PathIsFileSpecA
UrlCombineA
SHEnumValueA
PathRemoveFileSpecA
StrNCatW
PathFindExtensionA
PathIsSameRootW
PathMakeSystemFolderA
StrCpyW

version

VerInstallFileW

winspool.drv

ConvertUnicodeDevModeToAnsiDevmode
OpenPrinterA
SetJobW
SetPrinterDataA
DocumentPropertiesA

msvcrt

_mbsspnp
_mbsnextc
_mbccpy
_tempnam
feof
fwrite
ferror
_unlink
_findfirst
_getdllprocaddr
fsetpos
_stricmp
fread
_fpclass
ungetwc
_kbhit
isdigit
fprintf
fopen
fclose
_heapadd
_mbsstr
fseek
_gcvt
printf
__wargv
iswlower
strspn
sprintf
fwprintf
ftell
fputs
_wstat
_sys_nerr
memset
fputc

Exports

Exports

Bnvdku
Glhmgganf
Ioylbptu
Jncftcn
Mzpgfet
Qdgprqcod
Rqbumxmfxh
Vjslzr

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cf7b8058bd681e3f70cff34614d47b1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

opengl32

shell32

shlwapi

version

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 52KB - Virtual size: 49KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 52KB - Virtual size: 49KB

.reloc
Size: 8KB - Virtual size: 6KB