f33ceca1501c6266ff304586f451b0d0ee14ae5e52637ca3acf1bc33aead6dfa

Sharing

Copy URL Twitter E-mail

General

Target

f33ceca1501c6266ff304586f451b0d0ee14ae5e52637ca3acf1bc33aead6dfa
Size

132KB
MD5

fbf2f4f14c00d44a2b61f2d37936fc26
SHA1

a94f0a00197a4e4e09c0d647f9f2b978093a38b7
SHA256

f33ceca1501c6266ff304586f451b0d0ee14ae5e52637ca3acf1bc33aead6dfa
SHA512

96828e3877b64427521b342d96c1431f66ccd5498cf225f1d2445bbaf12a138693e42c60c2a9dabac1dadb0e952ee635dd73db8d7548a0e787fd8eb4dfe513aa
SSDEEP

3072:/lxmgMrT/AmUqnPY2qZY502Jr1QZIaHUq:7HMHhUEUZ0nJrWZIaHp

Score

N/A

Malware Config

Signatures

Files

f33ceca1501c6266ff304586f451b0d0ee14ae5e52637ca3acf1bc33aead6dfa
.dll windows x86

c2fae7f087ad628dfb0ec20a5b726866

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalAlloc
GetLocalTime
SetFilePointer
LocalAlloc
UnmapViewOfFile
GetProcAddress
CreatePipe
MoveFileA
RemoveDirectoryA
FindNextFileA
GetDriveTypeA
CreateDirectoryA
GetVersionExA
lstrcmpA
FreeLibrary
GetPrivateProfileSectionNamesA
lstrcpyA
LoadLibraryA
PeekNamedPipe
GetSystemInfo
GetLastError
RaiseException
InterlockedExchange

user32

mouse_event
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
GetSystemMetrics
LoadCursorA
SetCursorPos
SetRect
GetDC
CloseWindow
CreateWindowExA
TranslateMessage
CharNextA
wsprintfA
ExitWindowsEx
WindowFromPoint
SetCapture
MapVirtualKeyA
keybd_event
MessageBoxA
SystemParametersInfoA
SendMessageA
DestroyCursor
GetWindowTextA
SetWindowsHookExA
UnhookWindowsHookEx
GetDesktopWindow
ReleaseDC
OpenWindowStationA
IsWindowVisible
EnumWindows
CloseDesktop
SetThreadDesktop
GetUserObjectInformationA
GetThreadDesktop
PostMessageA
IsWindow
BlockInput
GetKeyNameTextA
GetActiveWindow

gdi32

CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
GetDIBits
BitBlt
DeleteDC
SelectObject

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
CloseEventLog
ClearEventLogA
OpenEventLogA
RegCreateKeyExA
AdjustTokenPrivileges
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
CreateProcessAsUserA
SetTokenInformation
DuplicateTokenEx
LookupAccountSidA
GetTokenInformation
RegCloseKey

msvcrt

_strnset
malloc
_strrev
_adjust_fdiv
_strnicmp
_initterm
_onexit
__dllonexit
??1type_info@@UAE@XZ
calloc
_beginthreadex
wcstombs
realloc
strncat
_errno
strrchr
_except_handler3
free
strcmp
strcpy
strcat
memset
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy
__CxxFrameHandler
_ftol
strlen
memmove
_CxxThrowException
memcmp

winmm

waveInReset
waveInUnprepareHeader
waveInStop
waveOutWrite
waveOutUnprepareHeader
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveOutReset
waveInClose
waveOutClose
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveInGetNumDevs
waveInOpen

msvcp60

??0Init@ios_base@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

imm32

ImmReleaseContext
ImmGetContext
ImmGetCompositionStringA

wininet

InternetOpenA
InternetCloseHandle
InternetOpenUrlA

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

msvfw32

ICClose
ICSeqCompressFrameEnd
ICSendMessage

wtsapi32

WTSFreeMemory
WTSQueryUserToken
WTSQuerySessionInformationA

userenv

CreateEnvironmentBlock

psapi

GetModuleFileNameExA
EnumProcessModules

Exports

Exports

ClassInfo
ClassName
DCODELL
DMissll
MynNEG
SchoolInfo
main

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2fae7f087ad628dfb0ec20a5b726866

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

winmm

msvcp60

imm32

wininet

avicap32

msvfw32

wtsapi32

userenv

psapi

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 6KB