c3b983b3befccc5315fa793d2353df76240c618926e5f0c2270ee41b7c26ba9d

Sharing

Copy URL

Twitter E-mail

General

Target

c3b983b3befccc5315fa793d2353df76240c618926e5f0c2270ee41b7c26ba9d
Size

390KB
MD5

baf863080e468f2b20e1d359d66033a2
SHA1

66fbed0b63b7606ebaa152fb3f9ff566841fe87c
SHA256

c3b983b3befccc5315fa793d2353df76240c618926e5f0c2270ee41b7c26ba9d
SHA512

5c37e203be844d8fdc297129c1842ec8928387887742ff7aacdb28d927063f9832491f23be358204face358dc212e4470793b4ca75c5c75f53ca7c0ff5ae90a5
SSDEEP

6144:2rYF8iXrcJ+Nm4JPXcX9lNOY9+iqShJFugOTmZOs1o75ty0nEN:2rYF8ik+HJkOM+iqSkgcmUco75U0nE

Score

N/A

Malware Config

Signatures

Files

c3b983b3befccc5315fa793d2353df76240c618926e5f0c2270ee41b7c26ba9d
.dll windows x86

52d7c150bb545e34da6e7e10cdbbc6cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapReAlloc
GetCommandLineA
RtlUnwind
RaiseException
VirtualAlloc
HeapSize
ExitProcess
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
CompareStringW
SetHandleCount
GetStartupInfoA
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
InterlockedCompareExchange
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
GetOEMCP
GetCPInfo
GetLocaleInfoA
InterlockedExchange
GlobalFlags
lstrcmpA
InterlockedIncrement
GetModuleHandleW
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetModuleFileNameW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrlenA
GetCurrentProcessId
GetComputerNameA
ReadFile
CreateProcessA
CreatePipe
FindClose
FindFirstFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLongPathNameA
LoadLibraryExA
ResumeThread
SuspendThread
CreateThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetPrivateProfileStringA
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
DeleteFileA
GetModuleFileNameA
GetTempPathA
Sleep
TerminateProcess
WaitForSingleObject
FreeLibrary
LoadLibraryA
GetSystemDirectoryA
GetLogicalDriveStringsA
GetLastError
Process32Next
Process32First
CreateToolhelp32Snapshot
OpenProcess
lstrcmpiA
GetVersionExA
GetModuleHandleA
GetProcAddress
CreateFileA
GetDriveTypeA
GetCurrentProcess
OutputDebugStringA
GetWindowsDirectoryA
CloseHandle
FindResourceA
LoadResource
LockResource
SizeofResource
LocalFree
InterlockedDecrement
WideCharToMultiByte
GetFileType
MultiByteToWideChar

user32

PostQuitMessage
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
DestroyMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
ValidateRect
ReleaseDC
GetDC
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
IsWindowEnabled
SetWindowTextA
LoadIconA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
FindWindowA
EnumChildWindows
EnableWindow
SendMessageA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
GetClassNameA
GetWindowThreadProcessId
PostMessageA
LoadStringA
RegisterWindowMessageA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GetWindow
GetSystemMetrics
GetWindowRect
GetWindowPlacement
GetClientRect
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetParent
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
GetWindowLongA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic

gdi32

GetStockObject
DeleteDC
SelectObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetClipBox
Escape
TextOutA
RectVisible
PtVisible
SetMapMode
RestoreDC
SaveDC
DeleteObject
ExtTextOutA
CreateBitmap
SetBkColor
SetTextColor
GetDeviceCaps
SetViewportOrgEx

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

GetExplicitEntriesFromAclA
GetSecurityDescriptorDacl
IsValidSecurityDescriptor
RegEnumKeyA
RegDeleteValueA
RegEnumValueA
CreateProcessAsUserA
SetTokenInformation
DuplicateTokenEx
RegEnumKeyExA
LookupAccountNameA
ConvertSidToStringSidA
IsValidSid
LookupAccountSidA
GetTokenInformation
RegCloseKey
RegOpenKeyExA
OpenProcessToken
RegQueryValueExA

shell32

SHGetFolderPathW
SHGetFolderPathA
ShellExecuteA

shlwapi

SHGetValueA
PathRemoveFileSpecA
StrStrIA
PathFileExistsA
PathIsDirectoryA
StrToIntA
PathAppendA
PathFindFileNameA
PathFindExtensionA
PathAppendW

oleaut32

VariantChangeType
VariantInit
VariantClear

wtsapi32

WTSEnumerateSessionsA
WTSFreeMemory

psapi

EnumProcesses
GetProcessImageFileNameA
GetModuleFileNameExA

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

userenv

LoadUserProfileA
CreateEnvironmentBlock
UnloadUserProfile
DestroyEnvironmentBlock

netapi32

NetUserEnum
NetLocalGroupEnum
NetApiBufferFree
NetShareEnum

Exports

Exports

GetDllVersion
PauseCheck
StartCheck
StopCheck
StopCheckEx

Sections

.text
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52d7c150bb545e34da6e7e10cdbbc6cf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

wtsapi32

psapi

version

userenv

netapi32

Exports

Exports

Sections

.text Size: 275KB - Virtual size: 274KB

.rdata Size: 51KB - Virtual size: 51KB

.data Size: 10KB - Virtual size: 40KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 37KB - Virtual size: 37KB

.text
Size: 275KB - Virtual size: 274KB

.rdata
Size: 51KB - Virtual size: 51KB

.data
Size: 10KB - Virtual size: 40KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 37KB - Virtual size: 37KB