cdc134e958c436be17e90a1df95fe633a8efc206210642fb05970f88801ac834

Sharing

Copy URL Twitter E-mail

General

Target

cdc134e958c436be17e90a1df95fe633a8efc206210642fb05970f88801ac834
Size

80KB
MD5

91233afc41a0144821df98ac657b881c
SHA1

dddd1f693ec82c433a59dec9c630a87853819b81
SHA256

cdc134e958c436be17e90a1df95fe633a8efc206210642fb05970f88801ac834
SHA512

3b5ebe84a6c94a7b190038baf68cafbafcd05ba7974eabd903746a70104f0836106bbd9f9df7e281e9c1cfa6a39ea26ab198ba7e029caf0a86efe7b33c0cbe42
SSDEEP

1536:aPJNHRNEswsnh86GE2pLuWkxGQnQtNs+VUGcqaA:aPJ1RNEsw5612NuWs8Ns+SGcqaA

Score

N/A

Malware Config

Signatures

Files

cdc134e958c436be17e90a1df95fe633a8efc206210642fb05970f88801ac834
.dll windows x86

febd961d1e0a6dc4f4073702654a33f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageW
CreateEventA
OpenMutexA
InterlockedIncrement
CreateToolhelp32Snapshot
GetStringTypeExA
CreateDirectoryW
DeleteCriticalSection
GetStringTypeA
GetSystemDefaultUILanguage
GlobalFindAtomA
RemoveDirectoryA
EnumUILanguagesW
GetFileTime
LocalSize
ResumeThread
UnregisterWaitEx
GetCurrentProcessId
UpdateResourceA
SearchPathW
GetFullPathNameW
lstrcmpiA
WaitForMultipleObjectsEx
FindResourceA
ProcessIdToSessionId
WaitNamedPipeW
GetShortPathNameW
VerifyVersionInfoA
LocalFlags
GetTempFileNameA
TransactNamedPipe
FreeLibraryAndExitThread
SetConsoleMode
GetCurrentDirectoryA
CreateNamedPipeA
OpenThread
MoveFileW
LocalLock
GlobalMemoryStatus
ReplaceFileW
WriteFile
CreateWaitableTimerA
lstrcmpA
OpenSemaphoreW
GetProfileSectionA
ReadConsoleInputA
DeleteFileW
CreateTimerQueueTimer
CreateSemaphoreA
CreateProcessW
CreateIoCompletionPort
FindFirstFileExW
GetCurrentThreadId
LockResource
SetFileApisToOEM
SetCurrentDirectoryW
CreateMailslotW
FileTimeToLocalFileTime
GetStartupInfoA
HeapCompact
GetFileAttributesExW
WriteProcessMemory
DeviceIoControl
PeekConsoleInputW
ReadConsoleA
lstrcatA
CreateFileW
SwitchToThread
EnumResourceLanguagesW
GetTempFileNameW
GetCurrentDirectoryW
lstrcpynW
UnlockFileEx
FlushFileBuffers
lstrcpyA
SetConsoleWindowInfo
HeapSetInformation
GetBinaryTypeW
GetUserDefaultUILanguage
TerminateProcess
lstrcpynA
IsBadStringPtrW
WaitForMultipleObjects
SetFilePointerEx
AssignProcessToJobObject
SetVolumeMountPointW
TerminateThread
SetEnvironmentVariableW
GetNumberFormatW
GetDefaultCommConfigW
GetStartupInfoW
AllocConsole
DeleteTimerQueueTimer
GetTempPathA
GetThreadPriority
GetFileAttributesExA
CreateEventW
HeapReAlloc
SetVolumeLabelA
IsBadHugeWritePtr
GetLocaleInfoW
ResetEvent
SetFileAttributesA
ConvertDefaultLocale
GetConsoleCP
GetLongPathNameW
RegisterWaitForSingleObjectEx
GetFileInformationByHandle
GetDateFormatA
GlobalMemoryStatusEx
lstrlenA
CloseHandle
WaitForSingleObject
VirtualQuery
CreateDirectoryA
EnterCriticalSection
InitializeCriticalSection
GetSystemTimeAsFileTime
GetProcAddress
GetModuleFileNameA
lstrcatW
GetLastError
UnmapViewOfFile
InterlockedExchange
MapViewOfFile
HeapFree
HeapValidate
HeapAlloc
LoadLibraryA
MoveFileExA
lstrlenW
ReleaseMutex
GetComputerNameA
VirtualFree
CreateMutexA

user32

GetMenuItemCount
TranslateAcceleratorA
DestroyMenu
SetMenuDefaultItem
GetWindowTextLengthW
IsIconic
SetRectEmpty
GetWindowContextHelpId
EnumWindows
EnumWindowStationsW
EndPaint
UnregisterClassA
IsZoomed
PostMessageW
EndTask
NotifyWinEvent
GetNextDlgTabItem
SendMessageTimeoutA
MessageBoxIndirectW
GetUpdateRect
MessageBoxA
EnableScrollBar
AllowSetForegroundWindow
BroadcastSystemMessageW
UpdateWindow
SetCursor
ChangeDisplaySettingsW
wvsprintfW
SetCaretPos
FillRect
DestroyIcon
GetCapture
EnumThreadWindows
PostMessageA
LoadCursorA
DrawMenuBar
CharPrevA
TranslateMessage
CheckDlgButton
OpenWindowStationA
AppendMenuA
GetDlgCtrlID
GetClassInfoExA
GetDesktopWindow
GetScrollInfo
DefMDIChildProcA
DrawIcon
SetDlgItemTextW
IsCharAlphaNumericW
CloseDesktop
GetCursor
DrawTextW
MonitorFromRect
CharToOemBuffA
TrackPopupMenu
IsRectEmpty
SendDlgItemMessageA
GetWindowLongA
IsCharAlphaNumericA
SetThreadDesktop
OpenWindowStationW
ScrollWindowEx
GetMenuStringA
MonitorFromPoint
PeekMessageW
GetUserObjectInformationW
GetClassInfoW
SetCapture
InSendMessage
ShowCaret
CharToOemW
CreateMenu
GetCaretPos
GetMonitorInfoA
DrawEdge
SetWindowTextW
CheckMenuItem
DefWindowProcW
GetDC
wsprintfW
GetQueueStatus
InsertMenuItemA
PostThreadMessageW
SetWindowWord
IsDialogMessageW
InsertMenuA
CallWindowProcA
GetMenuStringW
GetTopWindow
AdjustWindowRectEx
LoadIconW
VkKeyScanW
CallMsgFilterW
ShowWindowAsync
SendDlgItemMessageW
wsprintfA
RemovePropW
DestroyAcceleratorTable
CharNextW
GetClassLongW
CallWindowProcW
UnpackDDElParam
GetProcessWindowStation
ValidateRect
CharNextA
GetMenu
GetWindow
GetMessagePos
EqualRect
FrameRect
CharUpperBuffA
GetCaretBlinkTime
CreateDialogIndirectParamW
GetCursorPos
InSendMessageEx
GetClassInfoA
GetDlgItem
SystemParametersInfoW
GetPropW
GetAsyncKeyState
GetMenuItemInfoA
TrackPopupMenuEx
SetFocus
MsgWaitForMultipleObjectsEx
DialogBoxParamA
OpenDesktopA
SetWindowsHookExA
KillTimer
CallNextHookEx
DispatchMessageA
LoadCursorW

shlwapi

StrStrIW
SHCreateShellPalette
SHCreateStreamOnFileW
SHGetValueA
PathCombineW
StrCpyNW
StrChrW
UrlCombineW
StrCpyW
PathUnquoteSpacesW
PathRemoveBackslashW
PathIsNetworkPathW
PathRemoveBlanksW
StrCmpIW
PathAddBackslashW
PathIsUNCW
PathIsPrefixW
PathRemoveFileSpecA
StrCatBuffW
PathRemoveArgsW
PathIsUNCServerW
PathCompactPathW
UrlCanonicalizeW
StrDupA
PathIsUNCServerShareW
PathIsURLW
StrRetToStrW
StrStrIA

advapi32

RegDeleteValueA
RegisterEventSourceA
GetTokenInformation
RegDeleteKeyA
CloseEventLog
GetNumberOfEventLogRecords
ImpersonateAnonymousToken
ReportEventA
RegSetValueW
RegEnumKeyExW
ImpersonateSelf
ImpersonateNamedPipeClient
RegisterEventSourceW
SetThreadToken
RegSetValueA
RegCreateKeyW
StartServiceCtrlDispatcherA
ImpersonateLoggedOnUser
RegConnectRegistryW
QueryServiceConfigW
SetEntriesInAclA
GetUserNameW
DuplicateTokenEx
CreateServiceW
RegQueryInfoKeyW
GetAclInformation
DuplicateToken
OpenServiceA
RegCreateKeyA
ReadEventLogA
RegQueryInfoKeyA
MakeAbsoluteSD
RegSetValueExW
EnumServicesStatusA
EnumServicesStatusExW
GetUserNameA
RegSetValueExA
RegRestoreKeyA

shell32

ShellAboutW
SHBindToParent
CommandLineToArgvW
ExtractIconW
SHCreateShellItem
SHGetPathFromIDListA
ShellExecuteA
SHParseDisplayName
SHFormatDrive
SHGetSpecialFolderLocation
SHGetMalloc
DragQueryFileA
SHGetFolderPathA

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

febd961d1e0a6dc4f4073702654a33f8

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 984B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 984B

.reloc
Size: 4KB - Virtual size: 2KB