e42d903f2636e3f779b269288fa1a9a09b515f55cde3b25d06c13ed7c8e91bf1

Sharing

Copy URL

Twitter E-mail

General

Target

e42d903f2636e3f779b269288fa1a9a09b515f55cde3b25d06c13ed7c8e91bf1
Size

853KB
MD5

5b842d4a911ac0a9415dc031c7ce9f90
SHA1

3792f69be26e857e7da8bb8536363f51985be6fd
SHA256

e42d903f2636e3f779b269288fa1a9a09b515f55cde3b25d06c13ed7c8e91bf1
SHA512

6759893f4ec79e8f43ca986e04abbc0af5d475d8403519968cba698a4cdead9e1b31e022292b8f86593c1574692f42dbf2aaa1f5543887ce197530a2ead040c4
SSDEEP

12288:4FWdlKSNJB2zfrJm1X3a1KWVm5SkwIoLsdEA3knNr1GDU70cipgwGd7Ro5y4KubX:7n2zfrcl3acGmckeLsdq94xjSyNK7Qx

Score

N/A

Malware Config

Signatures

Files

e42d903f2636e3f779b269288fa1a9a09b515f55cde3b25d06c13ed7c8e91bf1
.dll windows x86

2cbfb4e9baef12d3a5cc83940c0da75a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
IsValidCodePage
GetOEMCP
SetStdHandle
GlobalUnlock
DuplicateHandle
HeapReAlloc
GetCPInfo
GetExitCodeThread
GetVersion
EnterCriticalSection
LoadLibraryW
GetProcAddress
GetStringTypeW
SetConsoleCtrlHandler
LCMapStringW
GetFileInformationByHandle
TlsGetValue
FindNextFileW
ResetEvent
WriteConsoleW
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
CancelIo
SetErrorMode
GetSystemDirectoryW
SetEndOfFile
CopyFileW
InterlockedDecrement
GlobalSize
SetLastError
HeapQueryInformation
LoadLibraryA
GetLastError
TerminateProcess
GetVersionExW
LockResource
TlsAlloc
GetProcessAffinityMask
CreateFileW
OutputDebugStringW
GetThreadPriority
SetThreadExecutionState
HeapFree
GetSystemTimeAsFileTime
GetStdHandle
HeapCreate
FileTimeToSystemTime
SetEvent
GetModuleFileNameW
CloseHandle
SetThreadPriority
InterlockedIncrement
HeapSetInformation
FindClose
QueryPerformanceFrequency
RemoveDirectoryW
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
FreeEnvironmentStringsW
GetFileAttributesW
ReadDirectoryChangesW
LeaveCriticalSection
FindFirstFileW
VirtualAlloc
InterlockedExchange
SizeofResource
GlobalAlloc
GetConsoleMode
lstrlenW
ReadFile
LocalFileTimeToFileTime
SetFilePointer
QueryPerformanceCounter
GetEnvironmentStringsW
TlsFree
WriteFile
GetFileTime
FileTimeToLocalFileTime
GetTickCount
VirtualFree
lstrcatA
GetStartupInfoA
GetModuleFileNameA
GetModuleHandleA
LocalFree
lstrcpyA
RaiseException
GetCurrentProcessId
CreateMutexW
VirtualProtect
GetModuleHandleW
FindResourceW
CreateThread
IsProcessorFeaturePresent
GetConsoleCP
HeapAlloc
ExitThread
FlushInstructionCache
WaitForMultipleObjects
GetProcessHeap
GetCurrentThreadId
SleepEx
GetSystemInfo
MulDiv
SystemTimeToFileTime
CreateEventW
TlsSetValue
GetFileSize
Sleep
LocalAlloc
HeapDestroy
HeapSize
UnhandledExceptionFilter
DeleteFileW
GetCurrentThread
SetHandleCount
FindResourceExW
GetCurrentProcess
VirtualQuery
GetFileType
ExitProcess
GetFileAttributesExW
GlobalFree
InterlockedCompareExchange
FreeLibrary
WaitForSingleObject
MultiByteToWideChar
GetOverlappedResult
FlushFileBuffers
GetACP
GetCommandLineW
SetUnhandledExceptionFilter
RtlUnwind
GlobalLock
GetStartupInfoW
ResumeThread
MoveFileExW

user32

EnableWindow
GetMessageW
CloseClipboard
MessageBeep
GetMessagePos
ScreenToClient
DrawEdge
UnregisterClassW
DrawIconEx
FillRect
IntersectRect
GetWindowRect
CopyRect
UnhookWindowsHookEx
DrawTextW
SetWindowTextW
EnumChildWindows
TranslateAcceleratorW
GetDlgCtrlID
DestroyMenu
GetDlgItem
LoadAcceleratorsW
MapDialogRect
GetMenu
GetParent
CreateWindowExW
GetMenuItemCount
SetTimer
EndDeferWindowPos
RegisterShellHookWindow
AdjustWindowRect
RegisterClassW
IsClipboardFormatAvailable
IsCharAlphaW
GetSystemMetrics
DeregisterShellHookWindow
SendDlgItemMessageW
SetMenuItemInfoW
RegisterClipboardFormatW
GetClientRect
GetWindowThreadProcessId
MonitorFromRect
EmptyClipboard
SetClipboardData
GetMenuItemInfoW
DestroyIcon
PostMessageW
KillTimer
SetWindowsHookExW
UnregisterClassA
IsWindowEnabled
RegisterWindowMessageW
GetClipboardData
CreatePopupMenu
GetWindowDC
GetWindowTextW
OffsetRect
IsChild
GetComboBoxInfo
ShowWindow
SetForegroundWindow
TrackPopupMenu
DefWindowProcW
UnregisterHotKey
SetWindowLongW
GetClassNameW
CheckMenuRadioItem
LoadCursorW
IsDialogMessageW
MapWindowPoints
EndDialog
MsgWaitForMultipleObjects
DialogBoxParamW
CharLowerW
EndPaint
DispatchMessageW
SetFocus
GetWindowLongW
LoadIconW
MoveWindow
SetLayeredWindowAttributes
SetCursor
SetCapture
SetActiveWindow
RegisterClassExW
CharUpperW
GetActiveWindow
GetFocus
GetKeyState
DeferWindowPos
MessageBoxW
DestroyAcceleratorTable
RegisterHotKey
IsIconic
TrackPopupMenuEx
CallNextHookEx
GetScrollInfo
RedrawWindow
SendMessageW
TranslateMessage
GetWindowPlacement
MapVirtualKeyW
GetDC
LoadImageW
GetClassInfoExW
OpenClipboard
CreateDialogParamW
GetSysColor
InvalidateRect
wsprintfW
ReleaseDC
GetMonitorInfoW
EnumThreadWindows
DestroyWindow
CallWindowProcW
UpdateWindow
AdjustWindowRectEx
AppendMenuW
SetWindowPos
SetDlgItemTextW
BeginDeferWindowPos
IsWindowVisible
ClientToScreen
PeekMessageW
AllowSetForegroundWindow
MonitorFromPoint
BeginPaint
WindowFromPoint
PostQuitMessage
EnumWindows

gdi32

SetBkColor
GetTextExtentPoint32W
SetDCBrushColor
GetStockObject
SetWindowOrgEx
GetDeviceCaps
CreateFontIndirectW
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SelectObject
DeleteDC
SetTextColor
SetBkMode
GetObjectW
ExtTextOutW
OffsetWindowOrgEx

advapi32

RegDeleteValueW
CryptDestroyHash
CryptImportKey
CryptVerifySignatureW
CryptReleaseContext
RegOpenKeyW
RegCloseKey
CryptGetHashParam
CryptDestroyKey
RegQueryInfoKeyW
CryptHashData
CryptCreateHash
RegCreateKeyExW
RegEnumKeyExW
CryptAcquireContextW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegEnumValueW

ole32

OleSetClipboard
OleGetClipboard
CoCreateInstance
ReleaseStgMedium
OleUninitialize
CreateStreamOnHGlobal
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
CoUninitialize
CoInitialize

shlwapi

StrCmpLogicalW
SHAutoComplete
ColorHLSToRGB
SHDeleteKeyW

crypt32

CertVerifyRevocation
CertCloseStore
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertFindCertificateInStore
CertOpenSystemStoreW
CertVerifyTimeValidity
CertFreeCertificateContext

iphlpapi

AddIPAddress

secur32

DeleteSecurityContext
FreeCredentialsHandle
QueryContextAttributesW
EncryptMessage
AcquireCredentialsHandleW
DecryptMessage
FreeContextBuffer
ApplyControlToken
InitializeSecurityContextW

oledlg

ord6

wldap32

ord11

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.peg3
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 707KB - Virtual size: 758KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cbfb4e9baef12d3a5cc83940c0da75a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

crypt32

iphlpapi

secur32

oledlg

wldap32

Sections

.text Size: 34KB - Virtual size: 33KB

.peg3 Size: 54KB - Virtual size: 53KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 707KB - Virtual size: 758KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 34KB - Virtual size: 33KB

.peg3
Size: 54KB - Virtual size: 53KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 707KB - Virtual size: 758KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 4KB - Virtual size: 3KB