Static task
static1
Behavioral task
behavioral1
Sample
e0d0074e4055eb487fd91d088d64dc3f13d28efb7663649f547df88dcc3c3a2b.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
e0d0074e4055eb487fd91d088d64dc3f13d28efb7663649f547df88dcc3c3a2b.dll
Resource
win10v2004-20221111-en
General
- Target: e0d0074e4055eb487fd91d088d64dc3f13d28efb7663649f547df88dcc3c3a2b
- Size: 3.1MB
- MD5: 1f7c958e18ca8661895c95197cf76c27
- SHA1: c46659ac9cc138ae5ae8d8b249c1bed4e7fe666e
- SHA256: e0d0074e4055eb487fd91d088d64dc3f13d28efb7663649f547df88dcc3c3a2b
- SHA512: 450e245a11a6d592bc7deeab78b304400e1161bdfc932bb520718c1a300b847f6481845fe42ca4ae2200b4065d22c1890ca3c95b38e86b23afed7fb825ac04e9
- SSDEEP: 49152:l7Bd7Bt/CH+1LKQUG9wzxHg9dntCdHp7WOR7bY2VwHiIQ:l7B3t/CH+JKQU24xHmntCdHpbRXD
Malware Config
Signatures
Files
-
e0d0074e4055eb487fd91d088d64dc3f13d28efb7663649f547df88dcc3c3a2b.dll windows x86
5988e083388d1b0a152c526bd36e5a0d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
wininet
HttpOpenRequestW
InternetOpenW
HttpQueryInfoW
InternetCrackUrlW
HttpSendRequestW
InternetCloseHandle
InternetConnectW
InternetReadFile
HttpAddRequestHeadersW
DeleteUrlCacheEntryW
InternetCanonicalizeUrlW
GetUrlCacheEntryInfoW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryOptionW
InternetQueryDataAvailable
InternetOpenUrlW
InternetSetFilePointer
InternetWriteFile
psapi
GetModuleFileNameExW
GetModuleBaseNameW
EnumProcessModules
EnumProcesses
kernel32
SetErrorMode
GlobalGetAtomNameW
GetFileSizeEx
GetFileTime
EncodePointer
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
FreeResource
GlobalFindAtomW
lstrcpyW
FindResourceExW
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetProfileIntW
SearchPathW
GetUserDefaultLCID
LocalReAlloc
SetThreadPriority
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
GetACP
GetModuleFileNameA
ExitProcess
QueryPerformanceFrequency
VirtualQuery
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetFileType
SetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
CreateThread
InterlockedFlushSList
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringW
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalAddAtomW
GetPrivateProfileIntW
lstrcmpW
GlobalDeleteAtom
GetCurrentThread
FileTimeToLocalFileTime
lstrcmpiW
GetModuleHandleA
DuplicateHandle
GetVolumeInformationW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalAlloc
LoadLibraryExW
MulDiv
GlobalSize
SetLastError
lstrcmpA
FlushFileBuffers
QueryPerformanceCounter
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
SystemTimeToFileTime
GetCurrentProcessId
GetFileSize
LockFileEx
LocalFree
CreateFileMappingA
UnlockFile
HeapCompact
GetSystemInfo
DeleteFileA
GetVersionExA
WaitForSingleObjectEx
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
HeapValidate
UnmapViewOfFile
CreateMutexW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
InterlockedCompareExchange
GetFullPathNameW
HeapCreate
AreFileApisANSI
CreateSemaphoreW
ReleaseSemaphore
ResumeThread
GetCurrentThreadId
ResetEvent
SetEvent
CreateEventW
ExitThread
WaitForMultipleObjects
InitializeCriticalSection
TryEnterCriticalSection
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
TerminateProcess
GetSystemTimeAsFileTime
FreeLibrary
OpenProcess
GetVersionExW
GetShortPathNameW
LeaveCriticalSection
EnterCriticalSection
GetTempFileNameW
GetTempPathW
GlobalUnlock
GlobalLock
GetTickCount
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
LoadLibraryW
RaiseException
HeapReAlloc
GlobalFree
GlobalAlloc
HeapSize
GetCurrentProcess
HeapFree
ReadFile
GetExitCodeProcess
CreateProcessW
CreatePipe
FindNextFileW
GetStartupInfoW
FindClose
FindFirstFileW
Process32FirstW
DeleteFileW
Process32NextW
CreateToolhelp32Snapshot
WaitForSingleObject
SetEnvironmentVariableW
GetModuleFileNameW
CloseHandle
CreateFileW
WriteFile
CreateDirectoryA
WideCharToMultiByte
CopyFileW
GetModuleHandleW
GetProcAddress
FindResourceW
LoadResource
LockResource
GetLastError
Sleep
GetPrivateProfileStringW
MultiByteToWideChar
SetFileAttributesW
GetSystemDirectoryW
GetFileAttributesW
InitializeCriticalSectionAndSpinCount
WritePrivateProfileStringW
SizeofResource
CreateDirectoryW
GetStdHandle
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
GetTimeZoneInformation
GetDriveTypeW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
user32
OffsetRect
SetRectEmpty
SendDlgItemMessageA
IntersectRect
InflateRect
GetMenuItemInfoW
DestroyMenu
DestroyIcon
IsDialogMessageW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
SetWindowRgn
CreateDialogIndirectParamW
FillRect
ScreenToClient
EndPaint
DrawStateW
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
UpdateWindow
KillTimer
SetTimer
RealChildWindowFromPoint
GetWindow
GetClassNameW
PtInRect
ClientToScreen
GetWindowRect
SetWindowTextW
GetDlgCtrlID
DeleteMenu
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetParent
OpenClipboard
CloseClipboard
SystemParametersInfoW
CopyImage
GetClientRect
LoadCursorW
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetWindowTextLengthW
GetWindowTextW
UnhookWindowsHookEx
GetLastActivePopup
GetWindowLongW
IsWindowEnabled
EnableWindow
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
TrackMouseEvent
LoadImageW
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
DrawFocusRect
IsRectEmpty
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
DestroyCursor
GetWindowRgn
CreateMenu
RegisterWindowMessageW
SetClassLongW
SetClipboardData
GetMessagePos
EmptyClipboard
MessageBoxW
SendMessageTimeoutW
UnregisterClassW
wsprintfW
IsWindow
GetWindowThreadProcessId
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
GetDesktopWindow
CharUpperW
GetSystemMetrics
PostMessageW
PostQuitMessage
SendMessageW
GetFocus
CheckMenuItem
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
SetRect
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BeginPaint
MonitorFromPoint
gdi32
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
PtVisible
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
DeleteObject
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
EnumFontFamiliesExW
Escape
DeleteDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
OpenProcessToken
ConvertSidToStringSidW
GetTokenInformation
RegCloseKey
RegCreateKeyExW
RegSetValueExW
InitializeSecurityDescriptor
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
shell32
ExtractIconW
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHBrowseForFolderW
SHAppBarMessage
ShellExecuteW
shlwapi
PathRemoveFileSpecW
PathCombineW
PathFileExistsW
UrlUnescapeW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
StrFormatKBSizeW
uxtheme
DrawThemeText
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
ole32
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoInitializeEx
CoDisconnectObject
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize
oleaut32
VariantCopy
VariantChangeType
LoadTypeLi
VarBstrFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
OleCreatePictureIndirect
VariantClear
SysAllocString
SysFreeString
VariantInit
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImageWidth
GdipGetImagePixelFormat
GdipGetImageHeight
iphlpapi
IcmpCreateFile
IcmpCloseHandle
IcmpSendEcho
GetAdaptersAddresses
GetAdaptersInfo
netapi32
Netbios
snmpapi
SnmpUtilOidCpy
SnmpUtilOidNCmp
SnmpUtilVarBindFree
ws2_32
inet_ntoa
__WSAFDIsSet
gethostbyname
select
inet_addr
socket
connect
recv
htons
WSAGetLastError
WSAStartup
WSACleanup
send
closesocket
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Exports
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 524KB - Virtual size: 523KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 146KB - Virtual size: 145KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ