2007c2194f4974406c247f4f4073469ff5ab005cd174e20592da70aecfbe0fbb

Sharing

Copy URL Twitter E-mail

General

Target

2007c2194f4974406c247f4f4073469ff5ab005cd174e20592da70aecfbe0fbb
Size

78KB
MD5

519415c6de996f0c7d022a302884ffb0
SHA1

90a8c26e85f05bbc92f26f3c1dc4fea2544ec023
SHA256

2007c2194f4974406c247f4f4073469ff5ab005cd174e20592da70aecfbe0fbb
SHA512

2024babdb589571805338b67493027d26691b5afc07223943faa646e827a210b71c3076c89686c14b404c93fd7b8376408de451befb45e544cd8ec0caf94ff40
SSDEEP

1536:alxI2qmjssFJ4ptQXQCHV199RTg4uKyrZCLiN5q3kMj3pCO:8xFLJ6YQ29HzIEiN58p

Score

N/A

Malware Config

Signatures

Files

2007c2194f4974406c247f4f4073469ff5ab005cd174e20592da70aecfbe0fbb
.dll windows x86

1d2457716758bcefbb14dd708d25cb13

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msdmo

DMOGuidToStrW
DMOEnum
MoCopyMediaType
DMOStrToGuidW
MoInitMediaType
DMOGuidToStrA
DMOStrToGuidA
MoDuplicateMediaType
MoFreeMediaType
DMOUnregister
DMORegister
MoCreateMediaType
DMOGetName
MoDeleteMediaType
DMOGetTypes

icm32

CMTranslateColors
CMIsProfileValid
CMCreateTransformW
CMCreateProfile
CMGetNamedProfileInfo
CMCreateProfileW
CMCheckColorsInGamut
CMCreateTransform
CMCreateMultiProfileTransform
CMCheckColors
CMCreateTransformExtW
CMTranslateRGB
CMConvertColorNameToIndex
CMGetInfo
CMCheckRGBs
CMCreateDeviceLinkProfile
CMConvertIndexToColorName
CMCreateTransformExt
CMTranslateRGBs
CMTranslateRGBsExt
CMDeleteTransform

user32

GetWindowRect
GetClientRect
GetWindowTextW
CreateWindowExA
DestroyCaret
GetDesktopWindow
GetWindowTextA
FindWindowA
GetForegroundWindow
FindWindowW

hhsetup

?SetId@CTitle@@QAEXPBD@Z
??1CFolder@@QAE@XZ
?AddTitle@CCollection@@QAEPAVCTitle@@PBG0000GIPAVCLocation@@PAKH0@Z
?Next@CPointerList@@QAEPAUListItem@@PAU2@@Z
?GetLangId@CCollection@@QAEGPBG@Z
??4CFolder@@QAEAAV0@ABV0@@Z
?First@CPointerList@@QAEPAUListItem@@XZ
?GetTitleW@CFolder@@QAEPBGXZ
?SetVersion@CCollection@@QAEXK@Z
?SetMasterCHM@CCollection@@QAEXPBGG@Z
?RemoveAll@CPointerList@@QAEXXZ
?IsDirty@CCollection@@QAEHXZ
?GetNextFolder@CFolder@@QAEPAV1@XZ
??4CFIFOString@@QAEAAV0@ABV0@@Z
?DeleteFolder@CCollection@@QAEKPAVCFolder@@@Z
?Close@CCollection@@QAEKXZ
?AllocCopyValue@CCollection@@AAEKPAVCParseXML@@PADPAPAD@Z
?GetRootFolder@CCollection@@QAEPAVCFolder@@XZ
?GetTitleW@CLocation@@QAEPBGXZ
?GetId@CLocation@@QBEPADXZ
?GetMasterCHM@CCollection@@QAEHPAPADPAG@Z
?AddFolder@CCollection@@QAEPAVCFolder@@PBGKPAKG@Z
??4CPointerList@@QAEAAV0@ABV0@@Z
?GetCollectionFileName@CCollection@@QAEPBDXZ
?GetPathW@CLocation@@QAEPBGXZ
?GetCollectionFileNameW@CCollection@@QAEPBGXZ
?SetParent@CFolder@@QAEXPAV1@@Z
?SetPath@CLocation@@QAEXPBD@Z
?AddRef@CCollection@@QAEXXZ
?AddTitle@CCollection@@QAEPAVCTitle@@PBD0000GIPAVCLocation@@PAKH0@Z
?wssResetNextColNum@CCollection@@AAEXXZ
?FindTitle@CCollection@@QAEPAVCTitle@@PBDG@Z
?GetTitle@CLocation@@QAEPADXZ
?SetLanguage@CTitle@@QAEXG@Z
?Release@CCollection@@AAEKXZ
?DeleteFolders@CCollection@@AAEXPAPAVCFolder@@@Z
?SetTitle@CFolder@@QAEXPBD@Z
?NewTitle@CCollection@@AAEPAVCTitle@@XZ

msvcrt

_wtempnam
_initterm
_osver
_cexit
_ismbbpunct
_cprintf
_lsearch
__getmainargs
_amsg_exit
_except_handler3
__iscsymf
_exit
_controlfp
__p__winmajor
_filelength
_i64tow
getenv
__set_app_type
exit
__p__fmode
__setusermatherr
_adjust_fdiv
__p___initenv
_XcptFilter
__p__commode

wininet

SetUrlCacheEntryGroup
FtpPutFileW
InternetSecurityProtocolToStringA
CreateUrlCacheEntryW
InternetConnectA
GopherOpenFileW
HttpSendRequestA
InternetGetCertByURL
SetUrlCacheConfigInfoA
InternetGetCookieExW
FindFirstUrlCacheEntryA
GopherGetAttributeW
FtpSetCurrentDirectoryA
InternetErrorDlg
InternetGetCertByURLA
InternetTimeToSystemTimeW
DeleteUrlCacheEntryA
HttpQueryInfoW
InternetSetCookieW
CommitUrlCacheEntryW
InternetReadFileExW
InternetCanonicalizeUrlW
SetUrlCacheHeaderData
GetUrlCacheConfigInfoA
InternetSetDialState

dbghelp

WinDbgExtensionDllInit
FindDebugInfoFile
SymGetLinePrev
SymInitialize
SymUnloadModule

kernel32

GetCurrentThreadId
VirtualAlloc
SetUnhandledExceptionFilter
TerminateProcess
ExitProcess
GetCommandLineW
CreateFileW
CreateFileA
GetSystemTimeAsFileTime
InterlockedExchange
InterlockedCompareExchange
HeapCreate

mtxlegih

TryLegInterfaceFirst

shlwapi

PathFindExtensionW
PathGetDriveNumberA
StrStrIA
PathRemoveExtensionW
StrStrA
StrCSpnA
PathStripPathW
PathSkipRootW
PathStripPathA
StrCSpnW
PathFindExtensionA
PathSkipRootA
PathFindFileNameA
PathRemoveExtensionA
StrCmpIW
PathRemoveBlanksW
StrCmpW
StrTrimW
StrStrW
StrTrimA
StrStrIW
PathStripToRootW
PathGetDriveNumberW
PathStripToRootA
PathFindFileNameW
PathRemoveBlanksA

dhcpcsvc

McastRequestAddress
DhcpDeRegisterOptions
DhcpOpenGlobalEvent
DhcpReleaseIpAddressLease
DhcpCApiInitialize
DhcpRemoveDNSRegistrations
DhcpRegisterParamChange
DhcpCApiCleanup

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1d2457716758bcefbb14dd708d25cb13

Headers

File Characteristics

Imports

msdmo

icm32

user32

hhsetup

msvcrt

wininet

dbghelp

kernel32

mtxlegih

shlwapi

dhcpcsvc

Sections

.text Size: 67KB - Virtual size: 67KB

.reloc Size: 3KB - Virtual size: 2KB

.data Size: 6KB - Virtual size: 14KB

.text
Size: 67KB - Virtual size: 67KB

.reloc
Size: 3KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 14KB