dcba326cf82b0a89dde7efe7b098f69621b0dac2f5c4da9a5963533b73b82db6

Sharing

Copy URL Twitter E-mail

General

Target

dcba326cf82b0a89dde7efe7b098f69621b0dac2f5c4da9a5963533b73b82db6
Size

75KB
MD5

3cab92518cf9735052f4d1cbdd49e9ce
SHA1

8f2e01f32aebca1fee2501eb9cc934f9dab97d66
SHA256

dcba326cf82b0a89dde7efe7b098f69621b0dac2f5c4da9a5963533b73b82db6
SHA512

a8bc978daaa8d0ece92e017a4788797e07b5d9016b0e08e4ebc9ec1b7733557b2fc938ea177f6e444f8f25d8ee9c9c292b6f6fc6679b98bf3b707ee80412c9be
SSDEEP

1536:/Fl+tnlNELbUrrmPtD1rs2h0UqDlSd1NZ2H7:9l+tlNEfJAS0UqpStZG

Score

N/A

Malware Config

Signatures

Files

dcba326cf82b0a89dde7efe7b098f69621b0dac2f5c4da9a5963533b73b82db6
.dll windows x86

dd5a2fc85c6f725e216881436481639e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
ResetEvent
WaitForSingleObject
CreateEventA
ReleaseMutex
SetEvent
WriteFile
OpenMutexA
GetModuleFileNameA
GetWindowsDirectoryA
DisableThreadLibraryCalls
ReadDirectoryChangesW
GetFileAttributesExA
WideCharToMultiByte
GetDriveTypeA
GetLogicalDriveStringsA
InterlockedIncrement
InterlockedDecrement
PulseEvent
FreeLibraryAndExitThread
WaitForMultipleObjects
VirtualFree
VirtualProtect
Sleep
TerminateProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
Module32Next
Module32First
VirtualQuery
GetSystemInfo
QueryDosDeviceA
GetModuleHandleA
ExitProcess
GetTempFileNameA
GetTempPathA
GetVersionExA
FindNextFileA
FindFirstFileA
MultiByteToWideChar
ReadFile
CreateProcessA
CreatePipe
GetLastError
GetPrivateProfileStringA
lstrlenW
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
CreateThread
OpenEventA
GetCurrentProcessId
WinExec
CopyFileA
SetFileAttributesA
FreeLibrary
CreateMutexA
CloseHandle
GetCurrentProcess
LoadLibraryA
GetProcAddress
GetCurrentThread
VirtualAlloc

user32

GetClassNameA
EnumDesktopWindows
GetDesktopWindow
GetDC
GetWindowDC
IsWindow
EnumWindows
GetWindowTextA
ShowWindow
IsRectEmpty
GetClientRect
GetWindowRect
PrintWindow
DispatchMessageA
CallNextHookEx
SetWindowsHookExA
GetWindowThreadProcessId
UnhookWindowsHookEx
TranslateMessage
GetMessageA
EnumChildWindows

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
RegCloseKey

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CreateStreamOnHGlobal

oleaut32

SysFreeString
SysAllocString
SysStringLen
VariantClear

wininet

InternetWriteFile
HttpEndRequestA
InternetCrackUrlA
InternetCloseHandle
HttpQueryInfoA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetOpenA
HttpSendRequestExA

ws2_32

closesocket
setsockopt
WSACleanup

psapi

GetProcessImageFileNameA

shlwapi

PathFileExistsA

msvcrt

strcpy
_adjust_fdiv
_initterm
_onexit
__dllonexit
_mbsnbcat
wcsstr
_mbslwr
fgets
wcscpy
fopen
fseek
fgetws
fclose
_except_handler3
printf
atol
strstr
_ltoa
abs
malloc
wcscmp
free
_mbscmp
_mbsupr
_snprintf
_ismbcprint
memcmp
strncpy
memset
_purecall
clock
_mbsrchr
_mbsnbcpy
_mbsicmp
_mbstok
atoi
strlen
_mbschr
strcat
_memicmp
sprintf
time
__CxxFrameHandler
??2@YAPAXI@Z
memcpy
_mbsstr
??3@YAXPAX@Z

gdiplus

GdipDisposeImage
GdipFree
GdipSaveImageToStream
GdipAlloc
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdipCloneImage

iphlpapi

GetAdaptersInfo

rpcrt4

UuidToStringA
RpcStringFreeA
UuidCreate

shell32

SHGetFolderPathA

Exports

Exports

?GetOS@Utility@@SAKXZ
_LOADLIBRARY_DUMMY
_RunAs@0

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd5a2fc85c6f725e216881436481639e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

wininet

ws2_32

psapi

shlwapi

msvcrt

gdiplus

iphlpapi

rpcrt4

shell32

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 70KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 71KB - Virtual size: 70KB

.reloc
Size: 3KB - Virtual size: 3KB