f45f7868b355b85bf70db2d6d26cca6f1eb76ae43919510d541eb4cd1eb3f668

Sharing

Copy URL

Twitter E-mail

General

Target

f45f7868b355b85bf70db2d6d26cca6f1eb76ae43919510d541eb4cd1eb3f668
Size

768KB
MD5

90c4ebfa578ab3b91d0b818ee55c2a79
SHA1

4498e6cefb9f6feaf9171d5b4217b05af3eacfec
SHA256

f45f7868b355b85bf70db2d6d26cca6f1eb76ae43919510d541eb4cd1eb3f668
SHA512

6187e39ca99ed6b37c59de809eddbcbc4e60c208ee3c4b54f55ff46214cd6b003192a7a5a77ff24b1435a77fdac262cfebbf8bffaf71615f83d23caa65825667
SSDEEP

12288:zQ/Wqz2zkP+KBWd5ifq8LIq48QtEJSxcdqsyQ5dP/4ToMoRFToM+1rvzs/QXC:zeBWs6eRFToMMDkF

Score

N/A

Malware Config

Signatures

Files

f45f7868b355b85bf70db2d6d26cca6f1eb76ae43919510d541eb4cd1eb3f668
.dll windows x86

519f80d51acdccf4770d6ff76d778f73

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGetConnectedState
HttpSendRequestA
InternetOpenA
InternetCloseHandle
InternetQueryDataAvailable
HttpOpenRequestA
DeleteUrlCacheEntry
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
FindCloseUrlCache
InternetReadFile
InternetConnectA
FtpOpenFileA
HttpQueryInfoA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExA
GetModuleBaseNameA

kernel32

FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
GetThreadLocale
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetShortPathNameA
GetModuleFileNameW
InterlockedDecrement
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
FreeResource
GlobalFlags
GetAtomNameA
SystemTimeToFileTime
InterlockedIncrement
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCurrentDirectoryA
SetFilePointer
SetFileTime
SetFileAttributesA
GetFileTime
GetCPInfo
GetOEMCP
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
HeapReAlloc
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetDriveTypeA
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetProcessHeap
RtlUnwind
RaiseException
ExitProcess
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
GetStdHandle
GetACP
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
SetConsoleCtrlHandler
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
ReadFile
MoveFileA
GlobalAddAtomA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GlobalDeleteAtom
GetCurrentProcessId
lstrcmpA
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
GetCurrentThreadId
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
GetVersionExA
GetSystemInfo
DeviceIoControl
GlobalMemoryStatus
GetComputerNameA
LoadLibraryA
RemoveDirectoryA
GetProcAddress
CreateDirectoryA
GetFileAttributesA
GetCurrentProcess
FreeLibrary
CreateThread
ResumeThread
SuspendThread
GetThreadPriority
WaitForMultipleObjects
ResetEvent
EnterCriticalSection
SetThreadPriority
ExitThread
LeaveCriticalSection
CreateEventA
TerminateThread
InitializeCriticalSection
SetEvent
WaitForSingleObject
TerminateProcess
GetExitCodeProcess
OpenProcess
GetModuleHandleA
GetModuleFileNameA
FindClose
FindFirstFileA
ExpandEnvironmentStringsA
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteFileA
GetTempPathA
CloseHandle
GetTempFileNameA
WriteFile
MoveFileExA
CreateFileA
GetVersion
CompareStringA
lstrcmpiW
LockResource
lstrcmpiA
GetLastError
InterlockedExchange
GetStringTypeExA
lstrlenW
MultiByteToWideChar
CompareStringW
GetEnvironmentVariableA
GetStringTypeExW
SizeofResource
Sleep
WideCharToMultiByte
LoadResource
lstrlenA
FindResourceA
GetEnvironmentVariableW
LocalFileTimeToFileTime

user32

LoadCursorA
GetDC
ReleaseDC
GetSysColorBrush
GetDesktopWindow
ClientToScreen
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
GetDialogBaseUnits
GetSysColor
AdjustWindowRectEx
ScreenToClient
DrawTextExA
DeferWindowPos
CopyRect
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
UnregisterClassA
UnhookWindowsHookEx
GetSystemMetrics
ShowOwnedPopups
PostQuitMessage
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
SendMessageA
ModifyMenuA
GetMenuState
EnableMenuItem
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
DestroyMenu
GetMenuItemInfoA
InflateRect
DestroyIcon
EndPaint
BeginPaint
GetWindowDC
RegisterClassA
GrayStringA
CheckMenuItem
wsprintfA
CharUpperA
CharLowerW
CharLowerA
CharUpperW
PostMessageA
DrawTextA
TabbedTextOutA
FillRect
EqualRect
DeleteMenu
SetCursor

gdi32

Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
PlayMetaFileRecord
ExtTextOutA
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextMetricsA
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
TextOutA
RectVisible
PtVisible
StartDocA
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
DeleteObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetObjectType
CreateBitmap
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
GetPixel

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueA
RegSetValueA
AdjustTokenPrivileges
RegEnumKeyA
GetUserNameA
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueExA
CryptHashData
CryptDestroyHash
CryptDecrypt
CryptDestroyKey
CryptCreateHash
CryptEncrypt
CryptAcquireContextA
CryptReleaseContext
CryptDeriveKey
RegCloseKey
RegOpenKeyA
RegEnumValueA
RegDeleteValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA

shell32

SHFileOperationA
SHGetFolderPathA
SHGetFileInfoA
ExtractIconA
ShellExecuteA

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
CoDisconnectObject
CLSIDFromString
StringFromGUID2
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium

oleaut32

SafeArrayRedim
VarDateFromStr
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysReAllocStringLen
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate

Exports

Exports

CreateSSEngineInterface
ReleaseSSEngineInterface

Sections

.text
Size: 604KB - Virtual size: 601KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

519f80d51acdccf4770d6ff76d778f73

Headers

File Characteristics

Imports

wininet

version

psapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 604KB - Virtual size: 601KB

.rdata Size: 112KB - Virtual size: 109KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 32KB - Virtual size: 31KB

.text
Size: 604KB - Virtual size: 601KB

.rdata
Size: 112KB - Virtual size: 109KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 32KB - Virtual size: 31KB