d062ba358b9111903a0083670a78fa52cae6bf63b1c99fbdc87c1acf4a3b9eec

Sharing

Copy URL

Twitter E-mail

General

Target

d062ba358b9111903a0083670a78fa52cae6bf63b1c99fbdc87c1acf4a3b9eec
Size

161KB
MD5

e5fd7667c1d2ad4b1f8efb89cad24715
SHA1

a73b19249d8e9a4a3e8e5f7d7ec34fa8be6f9881
SHA256

d062ba358b9111903a0083670a78fa52cae6bf63b1c99fbdc87c1acf4a3b9eec
SHA512

717c1b88d0e74e2529d9d6083c17914112810f9cbfda13fb36290200f74e94466fc02f3eabdfcc25de8baef0ed09684c13853027a9260d9599d97731a2ac56c2
SSDEEP

3072:ZFvz4ZfF5fdsQOB2FcNt4wzotIWMnYMIrsPHtJd2JDPwQBkbGQ:Zm5fCnCgOaotIWMnYMIr8xSJBS

Score

N/A

Malware Config

Signatures

Files

d062ba358b9111903a0083670a78fa52cae6bf63b1c99fbdc87c1acf4a3b9eec
.dll windows x86

486e036a92c562c8c28066829abdf539

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeProcess
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetTempPathA
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
GetCommandLineA
InterlockedIncrement
IsBadCodePtr
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LockResource
MultiByteToWideChar
OpenProcess
RaiseException
RtlUnwind
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpA
lstrlenA
lstrlenW
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushInstructionCache
CloseHandle
FlushFileBuffers
FindResourceA
FindFirstFileA
FindClose
ExitProcess
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateProcessA
CreateFileA
CreateDirectoryA
InterlockedDecrement

user32

IsDialogMessageA
IsWindow
LoadCursorA
LoadImageA
MoveWindow
PeekMessageA
PostQuitMessage
RedrawWindow
RegisterClassExA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
SendMessageA
SetCapture
SetFocus
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowWindow
SystemParametersInfoA
IsChild
UnhookWindowsHookEx
wsprintfA
GetMessageA
GetFocus
GetDlgItem
GetDesktopWindow
GetDC
GetCursor
GetClientRect
GetClassNameA
GetClassInfoExA
FillRect
EndPaint
DispatchMessageA
DefWindowProcA
CreateWindowExA
CreateDialogIndirectParamA
CreateAcceleratorTableA
CallWindowProcA
CallNextHookEx
InvalidateRect
InvalidateRgn
BeginPaint
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetWindowLongA
GetWindow
GetSystemMetrics
GetSysColor
TranslateMessage
GetParent
DestroyWindow

gdi32

GetStockObject
GetObjectA
SelectObject
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
PatBlt
BitBlt

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CLSIDFromString
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
StringFromCLSID
CoInitialize
CLSIDFromProgID
OleUninitialize

oleaut32

DispCallFunc
OleCreateFontIndirect
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VariantClear
LoadRegTypeLi

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

wininet

InternetGetConnectedState

comctl32

ord17

Exports

Exports

BeginSession
PSTCreateTypeSubType_NoUI
PszDayFromIndex
UpdateRebarBandColors
WriteSpan
WriteStreamToFileHandle

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

486e036a92c562c8c28066829abdf539

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

wininet

comctl32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 20KB - Virtual size: 20KB