bde9297a50883885ab29b97ce5a45243333bb262cf96f8f06963edaabd5ec6e9

Sharing

Copy URL

Twitter E-mail

General

Target

bde9297a50883885ab29b97ce5a45243333bb262cf96f8f06963edaabd5ec6e9
Size

96KB
MD5

3197c9fdc37459522c54d8c7220e7c6b
SHA1

224879e7a29aaba8ac6f3649e0d412deded9452f
SHA256

bde9297a50883885ab29b97ce5a45243333bb262cf96f8f06963edaabd5ec6e9
SHA512

cb655ead1e3cf3070d33a481eb21c406451e25269a026e148c8b69ea12fba9df6c665270ffb637fa34de0a6e8128ab8cc5f71c4c822e9ab73cacc59ff4aada69
SSDEEP

1536:DDe6W45WlUGPMv8bbMChflTy2DulFzaRqLRRejr9N+CcLiY2CY7U:fe6alU1iJhZtK0qNUpN+VY7U

Score

N/A

Malware Config

Signatures

Files

bde9297a50883885ab29b97ce5a45243333bb262cf96f8f06963edaabd5ec6e9
.dll windows x86

3e1f84f6e209af91fc6d40eec380dd06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrIA
UrlEscapeA

wininet

InternetCrackUrlA

kernel32

Sleep
GetCurrentThreadId
WideCharToMultiByte
GetSystemTimeAsFileTime
CloseHandle
CreateThread
GetVolumeInformationA
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
lstrlenA
lstrcmpiA
DisableThreadLibraryCalls
InterlockedExchange
GetACP
GetLocaleInfoA
InterlockedIncrement
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
LoadLibraryA
GetStringTypeW
GetStringTypeA
InterlockedDecrement
GetEnvironmentStringsW
UnhandledExceptionFilter
GetLastError
WriteFile
GetVersionExA
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadReadPtr
GetCurrentProcessId
GetTickCount
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
MultiByteToWideChar
LocalFree
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapFree
GetCommandLineA
HeapAlloc
ExitProcess
HeapReAlloc
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
HeapSize
QueryPerformanceCounter

user32

ShowWindow
IsCharAlphaA
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
GetActiveWindow
GetFocus
GetSystemMetrics
wsprintfA
SetWindowPos
SetForegroundWindow
SetActiveWindow
SetFocus

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegFlushKey
RegCloseKey

ole32

CoUninitialize
CoGetInterfaceAndReleaseStream
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoInitialize

oleaut32

VariantInit
VariantCopy
VariantClear
SysFreeString
SysAllocString
GetErrorInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
do_work

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.subsec
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3e1f84f6e209af91fc6d40eec380dd06

Headers

File Characteristics

Imports

shlwapi

wininet

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 8KB - Virtual size: 5KB

.subsec Size: 12KB - Virtual size: 12KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 8KB - Virtual size: 5KB

.subsec
Size: 12KB - Virtual size: 12KB