e1dfb84a91a6c591ac8be4b6b2d61242470536574c457ec24fdd3e958daefe4b

Sharing

Copy URL Twitter E-mail

General

Target

e1dfb84a91a6c591ac8be4b6b2d61242470536574c457ec24fdd3e958daefe4b
Size

231KB
MD5

77bc136113b3e266dbd6129ce6c0190a
SHA1

fdaeb9c3046126e976fdf5593c01eed46e61d837
SHA256

e1dfb84a91a6c591ac8be4b6b2d61242470536574c457ec24fdd3e958daefe4b
SHA512

cce0e7df109797eb38a311000a0ff1aca2bf43122016e6aff36840d84a921563a33534576618c4d64712229fc7ceff27b80e5a47821b03d11f6730ea2fd9d261
SSDEEP

6144:WFIjqTVXbmJHTkEEE3or9wz5+DMDVPJYiFUK9u2t6k:WCjqxrmZTrL3oCXPNQ2t6k

Score

N/A

Malware Config

Signatures

Files

e1dfb84a91a6c591ac8be4b6b2d61242470536574c457ec24fdd3e958daefe4b
.dll windows x86

9df0706e2937d4d2b05cde776766fd22

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHGetValueA
SHDeleteValueA
SHSetValueA

msvcrt

_except_handler3
fclose
atoi
malloc
free
vsprintf
mktime
fwrite
fopen
printf
sprintf
strrchr
_strlwr
_strnicmp
localtime
_mbsnbicmp
memmove
__CxxFrameHandler
strstr
fread
??2@YAPAXI@Z
ftell
fseek
time
getenv
rand
srand
_stat
_CxxThrowException
strncmp
wprintf
_purecall
_ftol
_CIasin
_mbscmp
??1type_info@@UAE@XZ
_CIacos
_CIpow
_setjmp3
__CxxLongjmpUnwind
longjmp
_adjust_fdiv
_initterm
?terminate@@YAXXZ
rename
_onexit
__dllonexit
_mkdir
strftime
_stricmp
isspace
strchr
abort
strtok
strncpy
wcscpy
wcscat
wcslen
atol
sscanf
_snprintf
_access

ws2_32

gethostbyname
ntohl
inet_addr
htons
ntohs
WSAStartup
sendto
socket
bind
recvfrom
gethostname

iphlpapi

GetAdaptersInfo

rasapi32

RasGetEntryDialParamsA
RasEnumEntriesA
RasEnumConnectionsA

setupapi

SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

netapi32

Netbios

advapi32

RegOpenKeyExA
RegQueryValueExW
RegCloseKey
RegQueryValueExA
DeleteService
CloseServiceHandle
ControlService
OpenServiceA
OpenSCManagerA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
CreateServiceA
StartServiceA
RegEnumValueA
GetUserNameA
LookupAccountNameA
ConvertSidToStringSidW
LsaOpenPolicy
LsaRetrievePrivateData
LsaClose
RegConnectRegistryA
RegOpenKeyA
RegEnumKeyA
RegOpenKeyExW

user32

ChangeClipboardChain
PostQuitMessage
SetClipboardViewer
DefWindowProcA
GetPriorityClipboardFormat
OpenClipboard
GetClipboardData
GetForegroundWindow
GetWindowTextA
CloseClipboard
SendMessageA
RegisterClassExA
CreateWindowExA
SetTimer
GetMessageA
TranslateMessage
DispatchMessageA
IsCharAlphaNumericA
wsprintfW
wsprintfA
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
GetDC
ReleaseDC
CloseWindowStation
CloseDesktop
GetSystemMetrics

oleaut32

GetErrorInfo

kernel32

FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcatA
lstrcpyA
SetFilePointer
FindFirstFileA
FindNextFileA
FindClose
GetCurrentProcessId
GetCurrentThread
GetCurrentProcess
CreateToolhelp32Snapshot
GetDriveTypeA
GetLogicalDriveStringsA
Process32First
Process32Next
GetSystemDefaultLCID
GetEnvironmentVariableA
WideCharToMultiByte
GetDiskFreeSpaceExA
GetPrivateProfileStringA
InterlockedCompareExchange
OpenProcess
TerminateProcess
CreatePipe
GetStartupInfoA
GetVersionExA
GetSystemDirectoryA
MoveFileExA
GetModuleHandleW
TerminateThread
LocalFree
LocalAlloc
lstrlenA
SetLastError
CreateFileW
GetVolumeInformationA
GetLogicalDrives
GetModuleFileNameA
GetDiskFreeSpaceExW
GetVolumeInformationW
GetSystemDirectoryW
WritePrivateProfileStringA
DeleteCriticalSection
ResumeThread
GetExitCodeThread
CreateEventA
InitializeCriticalSection
LeaveCriticalSection
WaitForSingleObject
EnterCriticalSection
SetEvent
GetCurrentThreadId
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
CreateProcessA
GetLastError
InterlockedExchange
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
DeviceIoControl
GetFileSize
SizeofResource
LockResource
LoadResource
FindResourceA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
MoveFileA
DeleteFileA
CopyFileA
GetTickCount
GetLocalTime
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileIntA
ReadFile
Sleep
SystemTimeToFileTime
GetFileTime
LocalFileTimeToFileTime
SetFileTime
OutputDebugStringA
CreateMutexA
MultiByteToWideChar
CloseHandle
WriteFile
CreateFileA
GetTempPathA
GetWindowsDirectoryA
SetFileAttributesA

mfc42

ord537
ord800
ord535
ord860
ord540
ord6877
ord2818
ord858
ord924
ord4129
ord5683
ord801
ord541
ord2614
ord354
ord665
ord5710
ord6883
ord4278

gdi32

CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDeviceCaps
GetStockObject
SelectPalette
RealizePalette
GetDIBits
DeleteObject
GetPixel
DeleteDC

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
StgOpenStorage
StgIsStorageFile

winmm

waveInStart
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetNumDevs
waveInUnprepareHeader
waveInOpen
waveInGetErrorTextA
waveInPrepareHeader
waveInAddBuffer
waveInReset
waveInClose
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetDevCapsA
mixerClose

Exports

Exports

DealA
DealB
DealC

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9df0706e2937d4d2b05cde776766fd22

Headers

File Characteristics

Imports

shlwapi

msvcrt

ws2_32

iphlpapi

rasapi32

setupapi

netapi32

advapi32

user32

oleaut32

kernel32

mfc42

gdi32

shell32

ole32

winmm

Exports

Exports

Sections

.text Size: 173KB - Virtual size: 173KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 28KB - Virtual size: 76KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 173KB - Virtual size: 173KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 28KB - Virtual size: 76KB

.reloc
Size: 12KB - Virtual size: 11KB