f60480c67abd170fd91a412fcae07858a5228e1801d572b77f827b69543202ff

Sharing

Copy URL Twitter E-mail

General

Target

f60480c67abd170fd91a412fcae07858a5228e1801d572b77f827b69543202ff
Size

188KB
MD5

18f12f6bbba09f458a750c457527b5cd
SHA1

e06a64f95cda6fb42debb27a7b70ae8965a4031c
SHA256

f60480c67abd170fd91a412fcae07858a5228e1801d572b77f827b69543202ff
SHA512

0f0fa9cdb66db3ea49c54ae75b4fbb5790b5b2bff5c95e77ca12177968c29b87533aad1fd2858bcd59a133b8a0fede49c1dc24ada44a3daf621229320ce21a99
SSDEEP

3072:hR203AvIkJ923ctjYO70yWPjAq+UwS1o7FNR0qd9XW+kaRQ95/QO7N:hRavIkzztMOzyt+URiLeqtfQ95/QOJ

Score

N/A

Malware Config

Signatures

Files

f60480c67abd170fd91a412fcae07858a5228e1801d572b77f827b69543202ff
.dll windows x86

857c34c9d4a1ea718650d7bbd2f2cdce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteValueA
SHSetValueA
SHGetValueA

msvcrt

time
__CxxFrameHandler
??2@YAPAXI@Z
strrchr
getenv
rand
srand
fwrite
fread
fclose
ftell
fseek
fopen
_access
sprintf
atoi
strstr
strncpy
_strlwr
_strnicmp
_stat
_CxxThrowException
strncmp
wprintf
??1type_info@@UAE@XZ
_setjmp3
__CxxLongjmpUnwind
longjmp
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_mkdir
strftime
_stricmp
isspace
strchr
abort
strtok
wcscpy
wcscat
wcslen
atol
sscanf
memmove
wcscmp
printf
_snprintf
rename
_mbsnbicmp
localtime
mktime
vsprintf
free
malloc

ws2_32

ntohl
inet_addr
gethostname
htons
recvfrom
bind
socket
sendto
ntohs
gethostbyname
WSAStartup

iphlpapi

GetAdaptersInfo

rasapi32

RasEnumConnectionsA
RasEnumEntriesA
RasGetEntryDialParamsA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA

netapi32

Netbios

advapi32

LsaClose
RegQueryValueExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
DeleteService
CloseServiceHandle
ControlService
OpenServiceA
OpenSCManagerA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
GetUserNameA
LookupAccountNameA
ConvertSidToStringSidW
LsaOpenPolicy
LsaRetrievePrivateData
RegOpenKeyExW
RegConnectRegistryA
RegOpenKeyA
RegEnumKeyA
StartServiceA
CreateServiceA

user32

ChangeClipboardChain
PostQuitMessage
SetClipboardViewer
DefWindowProcA
GetPriorityClipboardFormat
OpenClipboard
GetClipboardData
GetForegroundWindow
GetWindowTextA
CloseClipboard
SendMessageA
RegisterClassExA
CreateWindowExA
SetTimer
GetMessageA
TranslateMessage
DispatchMessageA
IsCharAlphaNumericA
wsprintfW
wsprintfA
GetThreadDesktop
GetProcessWindowStation
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
GetDC
ReleaseDC
CloseWindowStation
CloseDesktop
GetSystemMetrics

oleaut32

GetErrorInfo
VariantInit
VariantClear

kernel32

GetModuleHandleW
TerminateThread
LocalFree
LocalAlloc
lstrlenA
SetLastError
WriteFile
CreateFileW
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
MoveFileExA
GetSystemDirectoryA
DeviceIoControl
GetFileSize
ReadFile
GetVersionExA
SystemTimeToFileTime
GetFileTime
LocalFileTimeToFileTime
SetFileTime
OutputDebugStringA
GetModuleFileNameA
CreateMutexA
SetFileAttributesA
GetWindowsDirectoryA
GetProcAddress
InterlockedIncrement
InterlockedDecrement
GetLocalTime
GetTempPathA
GetTickCount
CopyFileA
DeleteFileA
MoveFileA
BeginUpdateResourceA
UpdateResourceA
GetStartupInfoA
CreatePipe
TerminateProcess
OpenProcess
FindFirstFileA
SetFilePointer
WritePrivateProfileStringA
InterlockedCompareExchange
GetPrivateProfileStringA
GetPrivateProfileIntA
WideCharToMultiByte
GetEnvironmentVariableA
GetSystemDefaultLCID
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcess
GetCurrentThread
GetCurrentProcessId
FindClose
FindNextFileA
lstrcpyA
lstrcatA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetLogicalDriveStringsA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDrives
GetDiskFreeSpaceExW
GetVolumeInformationW
GetSystemDirectoryW
GetExitCodeThread
LoadResource
GetCurrentThreadId
CreateFileA
EndUpdateResourceA
LoadLibraryA
FindResourceA
LockResource
SizeofResource
FreeLibrary
InterlockedExchange
GetLastError
Sleep
CreateProcessA
CreateThread
CloseHandle

mfc42

ord6877
ord540
ord860
ord535
ord800
ord537
ord5683
ord2818
ord858
ord924
ord4129

gdi32

CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDeviceCaps
GetStockObject
SelectPalette
RealizePalette
DeleteObject
GetPixel
DeleteDC
GetDIBits

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

StgOpenStorage
StgIsStorageFile
CoUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance

Exports

Exports

DealA
DealB
DealC

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

857c34c9d4a1ea718650d7bbd2f2cdce

Headers

File Characteristics

Imports

shlwapi

msvcrt

ws2_32

iphlpapi

rasapi32

setupapi

netapi32

advapi32

user32

oleaut32

kernel32

mfc42

gdi32

shell32

ole32

Exports

Exports

Sections

.text Size: 151KB - Virtual size: 150KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 41KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 151KB - Virtual size: 150KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 41KB

.reloc
Size: 10KB - Virtual size: 10KB