19531291bea3045b5ac2c601ac963abc931fba82f32d2c286ab41986d4c2a316

Sharing

Copy URL

Twitter E-mail

General

Target

19531291bea3045b5ac2c601ac963abc931fba82f32d2c286ab41986d4c2a316
Size

232KB
MD5

d5acca72ed4f11c6fe6927adf5c36490
SHA1

10fe93cddce772367514521abad584c54f6a89ac
SHA256

19531291bea3045b5ac2c601ac963abc931fba82f32d2c286ab41986d4c2a316
SHA512

b3c50657815e5574f5c5158a185e80b60ef8ada03aa1e50847c29a1ba6449eff4d4a44935668b9e3180a56d6ffb3f4b80b4eb33aa0b2bfb8fd8e9e72ed72e16b
SSDEEP

6144:/yG3zvrzG/UFFvL17I8LcbjZALOlwfPzLM6an8isBOM8BKb:T3sUFFvL17I8LcbjUMH8isBOrAb

Score

N/A

Malware Config

Signatures

Files

19531291bea3045b5ac2c601ac963abc931fba82f32d2c286ab41986d4c2a316
.dll windows x86

428470617af5ff4a1ebb1ccec5ed681e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GlobalDeleteAtom
GlobalAddAtomW
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
GetVersion
MulDiv
GetTickCount
lstrcpyA
lstrlenA
SetFilePointer
CreateFileA
GetCurrentThreadId
RaiseException
WritePrivateProfileStringA
GetPrivateProfileStringA
FormatMessageA
lstrcatA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
lstrcmpiA
GetPrivateProfileIntA
LocalReAlloc
LocalSize
LocalUnlock
WriteFile
lstrcpynA
GetModuleFileNameA
LoadLibraryA
SetErrorMode
FreeLibrary
GetProcAddress
CreateDirectoryA
GetFileAttributesA
GetShortPathNameA
RemoveDirectoryA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetPrivateProfileSectionNamesA
ReleaseMutex
WaitForSingleObject
CreateMutexA
ReadFile
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
InterlockedCompareExchange
LocalAlloc
lstrcatW
LocalFree
GetVersionExW
Sleep
CloseHandle
CreateFileW
CreateDirectoryW
GetLastError
lstrcpyW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetLastError
OutputDebugStringW
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
LocalLock
lstrlenW

user32

wsprintfW
SendMessageW
RegisterWindowMessageW
EnableWindow
IsWindowEnabled
GetDlgItem
SetRect
GetSystemMetrics
SystemParametersInfoA
SetWindowPos
GetParent
GetWindowRect
IsWindow
ReleaseDC
GetDC
PeekMessageA
PostMessageA
DispatchMessageA
TranslateMessage
SetWindowLongA
DefWindowProcA
UnregisterClassA
GetWindowLongA
PostQuitMessage
MsgWaitForMultipleObjects
ShowWindow
IsIconic
wsprintfA
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
GetWindow
GetClassNameA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetMenuItemCount
GetMenuItemInfoA
SetMenuItemInfoA
LoadStringA
LoadCursorA
RegisterClassA
CreateWindowExA

gdi32

GetStockObject
GetObjectA
SelectObject
GetTextMetricsA
CreateFontIndirectA
GetDeviceCaps

winspool.drv

SetJobW
EnumJobsW
OpenPrinterW
SetPrinterW
GetPrinterW
GetPrinterDataW
EnumPrintersW
ClosePrinter

advapi32

RegCreateKeyExW
RegQueryValueExA
RegQueryValueExW
RegCloseKey
RegSetValueExA
RegSetValueExW
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExA

ole32

CoInitialize
GetRunningObjectTable
CoCreateInstance
MkParseDisplayName
StringFromGUID2
CreateBindCtx
CoTaskMemFree
ProgIDFromCLSID
CoGetInstanceFromFile
CreateFileMoniker
CoUninitialize

oleaut32

VarBstrCmp
GetErrorInfo
CreateErrorInfo
SetErrorInfo
VarBstrCat
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen

msvcr80

__dllonexit
_unlock
?terminate@@YAXXZ
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
_recalloc
atol
isxdigit
iswctype
calloc
memmove_s
??0exception@std@@QAE@ABV01@@Z
_lock
isdigit
_ltoa_s
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_mbsicmp
_mbschr
strcat_s
toupper
_chdrive
_chdir
_getcwd
wcsncpy_s
fopen_s
atoi
wcscpy_s
_resetstkoflw
_beginthreadex
strcpy_s
_onexit
_invalid_parameter_noinfo
_CxxThrowException
__clean_type_info_names_internal
_crt_debugger_hook
_wcsicmp
malloc
fopen
fclose
_itow
memset
free
wcstok
_wtoi
_wassert
memcpy
strrchr
??3@YAXPAX@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
memcpy_s
__CxxFrameHandler3
??2@YAPAXI@Z
_vswprintf
??_U@YAPAXI@Z
??_V@YAXPAX@Z
_vsnprintf

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

?COMWndProc@@YGJPAUHWND__@@IIJ@Z
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

428470617af5ff4a1ebb1ccec5ed681e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

oleaut32

msvcr80

msvcp80

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 428B

.reloc Size: 8KB - Virtual size: 5KB

.text Size: 100KB - Virtual size: 100KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 428B

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 100KB - Virtual size: 100KB