c4c77d2d89ad54f6eaabec7e3cca2df13df906917a9522d53f79a88317ae03ff

Sharing

Copy URL Twitter E-mail

General

Target

c4c77d2d89ad54f6eaabec7e3cca2df13df906917a9522d53f79a88317ae03ff
Size

592KB
MD5

0e4c0c48c61a7845d3d8bea1b41081b0
SHA1

6eddb0506b9004f163f96cdb9d71753ead2b3212
SHA256

c4c77d2d89ad54f6eaabec7e3cca2df13df906917a9522d53f79a88317ae03ff
SHA512

e7a2d7dd3207806fcb402f2113f506914b6dbd3e1d625d04e2f54263b707d8258c47901f63c540295ab9c3e107b85737d2076efb7afd385e73dcddca3d5269e6
SSDEEP

12288:uDEpS2SrfoiL3b9g9oD8J2TLfkoPSD06o9TBTM85TYl7:Bmrfvu9RJ2TLfpPSDk9TBTzWl7

Score

N/A

Malware Config

Signatures

Files

c4c77d2d89ad54f6eaabec7e3cca2df13df906917a9522d53f79a88317ae03ff
.dll windows x86

f2ca282a78e99729baa16b91dcab23f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetQueryOptionW
InternetOpenW
HttpAddRequestHeadersW
InternetConnectW
InternetCrackUrlW
HttpOpenRequestW
InternetReadFile
InternetCloseHandle
InternetCanonicalizeUrlA
HttpSendRequestW
InternetCrackUrlA

ws2_32

getpeername
inet_ntoa
ntohs
ntohl
getsockname
gethostbyname
WSAGetLastError
WSAResetEvent
socket
inet_addr
select
WSASend
connect
WSAEventSelect
__WSAFDIsSet
closesocket
WSAWaitForMultipleEvents
WSARecv
recv
WSAGetOverlappedResult
htons
WSACloseEvent
WSASetEvent
WSACreateEvent

imagehlp

MapFileAndCheckSumW

iphlpapi

GetAdaptersInfo

kernel32

GetThreadLocale
GetFullPathNameA
GetDriveTypeA
LoadLibraryExA
GetCurrentDirectoryA
SetEndOfFile
IsProcessorFeaturePresent
CloseHandle
DeleteFileW
LockResource
WideCharToMultiByte
FindResourceExW
FindResourceW
GetTempPathW
CreateDirectoryW
LoadResource
CreateProcessW
WaitForSingleObject
GetTempFileNameW
CreateFileW
WriteFile
GetLastError
InterlockedIncrement
MoveFileExW
InterlockedDecrement
SizeofResource
lstrlenW
MultiByteToWideChar
FlushFileBuffers
ReadFile
LoadLibraryW
GetProcAddress
InterlockedCompareExchange
InterlockedExchangeAdd
lstrlenA
CreateMutexW
WaitForMultipleObjects
CreateThread
ReleaseMutex
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
Sleep
SetEvent
LoadLibraryExW
SystemTimeToFileTime
FileTimeToSystemTime
RaiseException
CreateEventW
InitializeCriticalSection
GetModuleFileNameW
DeleteCriticalSection
GetCurrentProcess
GetSystemTime
DuplicateHandle
lstrcmpiW
GetModuleHandleW
CompareFileTime
GetTickCount
FreeLibrary
FlushInstructionCache
GetCurrentThreadId
MulDiv
GlobalLock
lstrcmpW
GlobalAlloc
SetLastError
GlobalUnlock
SetThreadPriority
ResumeThread
ResetEvent
GetThreadPriority
GetCurrentThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetModuleHandleA
GetSystemInfo
HeapReAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
ExitProcess
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
InterlockedExchange
LoadLibraryA
SetFilePointer
GetVersionExW
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SearchPathW
GetFileSize
DeviceIoControl
GetSystemDirectoryW
GetVolumeInformationW
GetVersion
GetConsoleCP

user32

GetWindowTextLengthW
SetWindowTextW
GetDlgItem
IsWindow
GetWindowTextW
GetClassInfoExW
BeginPaint
DestroyAcceleratorTable
DefWindowProcW
GetDC
GetWindowLongW
RegisterClassExW
MoveWindow
CallWindowProcW
GetSysColor
DestroyWindow
GetParent
GetDesktopWindow
IsChild
InvalidateRect
InvalidateRgn
FillRect
SetFocus
CreateAcceleratorTableW
LoadCursorW
MessageBoxW
SetCapture
ReleaseCapture
EndPaint
CreateWindowExW
RegisterWindowMessageW
RedrawWindow
GetClassNameW
ScreenToClient
GetClientRect
GetWindow
ClientToScreen
ReleaseDC
CharNextW
SendMessageW
GetFocus
SetWindowLongW
SetWindowPos
UnregisterClassA

gdi32

DeleteObject
SelectObject
BitBlt
CreateSolidBrush
CreateCompatibleDC
DeleteDC
GetStockObject
GetDeviceCaps
GetObjectW
CreateCompatibleBitmap

advapi32

RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryInfoKeyW

ole32

OleInitialize
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CLSIDFromString
OleUninitialize
CoInitializeEx
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize
CoSetProxyBlanket
CoGetClassObject

oleaut32

SysFreeString
VarBstrCmp
VariantChangeType
VariantCopy
LoadTypeLi
OleCreateFontIndirect
VariantInit
VariantClear
LoadRegTypeLi
VarUI4FromStr
SysAllocStringLen
SysStringByteLen
LoadTypeLibEx
SysAllocString
SysAllocStringByteLen
SysStringLen

Sections

.text
Size: 416KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2ca282a78e99729baa16b91dcab23f8

Headers

File Characteristics

Imports

wininet

ws2_32

imagehlp

iphlpapi

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 416KB - Virtual size: 412KB

.rdata Size: 100KB - Virtual size: 98KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 32KB - Virtual size: 30KB

.reloc Size: 32KB - Virtual size: 28KB

.text
Size: 416KB - Virtual size: 412KB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 32KB - Virtual size: 30KB

.reloc
Size: 32KB - Virtual size: 28KB