ade11f6365801e5e1715332cfb65b44ce12c65f96c5db39f826105ce2fe4e726

Sharing

Copy URL

Twitter E-mail

General

Target

ade11f6365801e5e1715332cfb65b44ce12c65f96c5db39f826105ce2fe4e726
Size

230KB
MD5

2e86b83b174da7f906bd2c4f48a86528
SHA1

7f7389c207072b902bca419c55fe285f31fd7613
SHA256

ade11f6365801e5e1715332cfb65b44ce12c65f96c5db39f826105ce2fe4e726
SHA512

39cb049f0b3e34f48201b809ea581e5ea139d550fdc4fb4c79fe875510f9b575ed8425ea02cce2d1a4316d621d4d5c25d33607f4ebdd42b8f01ffa5a2d5b64e9
SSDEEP

6144:mMYRlRASc069/E5LY3qqL4q5+DMjdd3wpHUK9u2BF:mtRl6Sw9M1Y3qhedCQ2BF

Score

N/A

Malware Config

Signatures

Files

ade11f6365801e5e1715332cfb65b44ce12c65f96c5db39f826105ce2fe4e726
.dll windows x86

30f96f0ca940d11f8917fb25831df07d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHGetValueA
SHDeleteValueA
SHSetValueA

msvcrt

_except_handler3
fclose
malloc
free
vsprintf
mktime
localtime
fwrite
fopen
printf
sprintf
strrchr
_strlwr
_strnicmp
_mbsnbicmp
rename
__CxxFrameHandler
strstr
fread
??2@YAPAXI@Z
ftell
fseek
time
getenv
rand
srand
_access
_stat
_CxxThrowException
strncmp
wprintf
_purecall
_ftol
_CIasin
_mbscmp
??1type_info@@UAE@XZ
_CIacos
_CIpow
_setjmp3
__CxxLongjmpUnwind
longjmp
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_snprintf
_onexit
__dllonexit
_mkdir
strftime
_stricmp
isspace
strchr
abort
strtok
strncpy
wcscpy
wcscat
wcslen
memmove
atol
sscanf
atoi

ws2_32

gethostbyname
ntohl
inet_addr
htons
ntohs
WSAStartup
sendto
socket
bind
recvfrom
gethostname

iphlpapi

GetAdaptersInfo

rasapi32

RasGetEntryDialParamsA
RasEnumEntriesA
RasEnumConnectionsA

setupapi

SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

netapi32

Netbios

advapi32

RegOpenKeyExA
RegQueryValueExW
RegCloseKey
RegQueryValueExA
DeleteService
CloseServiceHandle
ControlService
OpenServiceA
OpenSCManagerA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
CreateServiceA
StartServiceA
RegEnumValueA
GetUserNameA
LookupAccountNameA
ConvertSidToStringSidW
LsaOpenPolicy
LsaRetrievePrivateData
LsaClose
RegConnectRegistryA
RegOpenKeyA
RegEnumKeyA
RegOpenKeyExW

user32

ChangeClipboardChain
PostQuitMessage
SetClipboardViewer
DefWindowProcA
GetPriorityClipboardFormat
OpenClipboard
GetClipboardData
GetForegroundWindow
GetWindowTextA
CloseClipboard
SendMessageA
RegisterClassExA
CreateWindowExA
SetTimer
GetMessageA
TranslateMessage
DispatchMessageA
IsCharAlphaNumericA
wsprintfW
wsprintfA
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
GetDC
ReleaseDC
CloseWindowStation
CloseDesktop
GetSystemMetrics

oleaut32

GetErrorInfo

kernel32

FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcatA
lstrcpyA
SetFilePointer
FindFirstFileA
FindNextFileA
FindClose
GetCurrentProcessId
GetCurrentThread
GetCurrentProcess
CreateToolhelp32Snapshot
GetDriveTypeA
GetLogicalDriveStringsA
Process32First
Process32Next
GetSystemDefaultLCID
GetEnvironmentVariableA
WideCharToMultiByte
GetDiskFreeSpaceExA
GetPrivateProfileStringA
InterlockedCompareExchange
OpenProcess
TerminateProcess
CreatePipe
GetStartupInfoA
GetVersionExA
GetSystemDirectoryA
MoveFileExA
GetModuleHandleW
TerminateThread
LocalFree
LocalAlloc
lstrlenA
SetLastError
CreateFileW
GetVolumeInformationA
GetLogicalDrives
GetModuleFileNameA
GetDiskFreeSpaceExW
GetVolumeInformationW
GetSystemDirectoryW
WritePrivateProfileStringA
DeleteCriticalSection
ResumeThread
GetExitCodeThread
CreateEventA
InitializeCriticalSection
LeaveCriticalSection
WaitForSingleObject
EnterCriticalSection
SetEvent
GetCurrentThreadId
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
CreateProcessA
GetLastError
InterlockedExchange
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
DeviceIoControl
GetFileSize
SizeofResource
LockResource
LoadResource
FindResourceA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
MoveFileA
DeleteFileA
CopyFileA
GetTickCount
GetLocalTime
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileIntA
ReadFile
GetWindowsDirectoryA
SystemTimeToFileTime
GetFileTime
LocalFileTimeToFileTime
SetFileTime
OutputDebugStringA
CreateMutexA
MultiByteToWideChar
CloseHandle
Sleep
WriteFile
CreateFileA
GetTempPathA
SetFileAttributesA

mfc42

ord537
ord800
ord535
ord860
ord540
ord6877
ord2818
ord858
ord924
ord4129
ord5683
ord801
ord541
ord2614
ord354
ord665
ord5710
ord6883
ord4278

gdi32

CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDeviceCaps
GetStockObject
SelectPalette
RealizePalette
GetDIBits
DeleteObject
GetPixel
DeleteDC

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
StgOpenStorage
StgIsStorageFile

winmm

waveInStart
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetNumDevs
waveInUnprepareHeader
waveInOpen
waveInGetErrorTextA
waveInPrepareHeader
waveInAddBuffer
waveInReset
waveInClose
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetDevCapsA
mixerClose

Exports

Exports

DealA
DealB

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30f96f0ca940d11f8917fb25831df07d

Headers

File Characteristics

Imports

shlwapi

msvcrt

ws2_32

iphlpapi

rasapi32

setupapi

netapi32

advapi32

user32

oleaut32

kernel32

mfc42

gdi32

shell32

ole32

winmm

Exports

Exports

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 28KB - Virtual size: 76KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 28KB - Virtual size: 76KB

.reloc
Size: 12KB - Virtual size: 11KB