0c11c264ff01a46adb898888169e96b008df5d64f5e32321cf501d6f920961e6

Sharing

Copy URL Twitter E-mail

General

Target

0c11c264ff01a46adb898888169e96b008df5d64f5e32321cf501d6f920961e6
Size

172KB
MD5

b00825882e9e003ee0b24abbbedc7360
SHA1

ad43a26d15abc31a674b88966eec28ae51dbfb73
SHA256

0c11c264ff01a46adb898888169e96b008df5d64f5e32321cf501d6f920961e6
SHA512

0f1c5ecf4d7d20561e744d693d43f05f2913ce71eed487778ebe3d86de7224ffb7d4482ef31360e902d81ba8f408b5c2120ea46cbb7ef380c4e05689850762a8
SSDEEP

3072:06jOsCaG7swMYTEVgJCLjH4HoF00+QkMIq6hVvphkZQukTi:KBs9YTzAH660lQkMIrTvphkZ

Score

N/A

Malware Config

Signatures

Files

0c11c264ff01a46adb898888169e96b008df5d64f5e32321cf501d6f920961e6
.dll windows x86

131d10c7334a6c64469e6463e67eddda

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
StrStrIA

kernel32

GetCurrentProcess
TerminateProcess
lstrcmpiA
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateEventA
Sleep
SetEvent
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CreatePipe
GetProcAddress
LoadLibraryA
lstrlenA
WriteProcessMemory
VirtualAlloc
ReadProcessMemory
InterlockedExchange
GetModuleFileNameW
GetSystemInfo
CreateFileA
ExitProcess
GetCurrentProcessId
GetModuleHandleA
MultiByteToWideChar
ExpandEnvironmentStringsA
CopyFileA
CreateDirectoryA
MoveFileExA
RemoveDirectoryA
DeleteFileA
SetFileAttributesA
ReleaseMutex
GetCommandLineA
GetModuleFileNameA
GetEnvironmentVariableA
OpenEventA
CreateMutexA
WriteFile
EnterCriticalSection
GetCurrentThreadId
TerminateThread
LocalAlloc
LocalFree
lstrcpyA
ResetEvent
GetTickCount
WaitForSingleObject
VirtualQueryEx
CloseHandle
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
InitializeCriticalSection
VirtualProtectEx

user32

FindWindowA
MessageBoxA
OpenDesktopA
GetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
SetThreadDesktop
CloseDesktop
EnumWindows
PostMessageA
GetWindowThreadProcessId
SetParent
wsprintfA
GetCursorPos
ReleaseDC
GetDesktopWindow
GetDC
SetRect
GetSystemMetrics
GetClipboardData
keybd_event
mouse_event
MapVirtualKeyA
SetCapture
WindowFromPoint
SystemParametersInfoA
SendMessageA
BlockInput
SetCursorPos
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard

gdi32

SelectObject
CreateCompatibleDC
DeleteObject
DeleteDC
BitBlt
GetDIBits
CreateCompatibleBitmap
CreateDIBSection

advapi32

GetTokenInformation
LookupAccountSidA
OpenProcessToken
RegSetValueA

shell32

ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

msvcrt

__dllonexit
_adjust_fdiv
_initterm
calloc
_beginthreadex
rename
wcscpy
wcscat
wcslen
time
strstr
srand
strncat
atoi
strrchr
__CxxFrameHandler
malloc
free
??2@YAPAXI@Z
_except_handler3
strchr
_strnicmp
_mkdir
??0exception@@QAE@ABV0@@Z
strlen
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
memcpy
??1type_info@@UAE@XZ
_ftol
??3@YAXPAX@Z
memmove
_onexit
ceil

ws2_32

select
recv
WSAGetLastError
WSACleanup
WSAIoctl

psapi

EnumProcessModules
GetModuleFileNameExA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

Exports

Exports

EMFunc
GdiMain

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

131d10c7334a6c64469e6463e67eddda

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

msvcrt

ws2_32

psapi

wininet

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 40KB - Virtual size: 42KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 40KB - Virtual size: 42KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 12KB - Virtual size: 8KB