Static task: static1
Behavioral task: behavioral1
Sample: e9628ffe17228c3ca2bdac66ac0a9c142451dd2dace34798daeca47a1fae3ef2.dll
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: e9628ffe17228c3ca2bdac66ac0a9c142451dd2dace34798daeca47a1fae3ef2.dll
Resource: win10v2004-20220812-en
General
Target: e9628ffe17228c3ca2bdac66ac0a9c142451dd2dace34798daeca47a1fae3ef2
Size: 858KB
MD5: 506b11a0f26967b6dafb1f8d61a603b0
SHA1: e233be25b062562ecf564b8455f902a32d5b8ceb
SHA256: e9628ffe17228c3ca2bdac66ac0a9c142451dd2dace34798daeca47a1fae3ef2
SHA512: 00c23b2cdb79031d73198f4507882a898fdc89b20da6459a4d6b12e0b537e5dddaa288e23fe343288b73a2a3c281a02e7960bf04d5124118ed4fe59a8312ba2b
SSDEEP: 24576:ReNuwM+KCR3el2ByOh61uc738Byl8DjrU:ReNW63O38Byl8fw
Malware Config
Signatures
Files
e9628ffe17228c3ca2bdac66ac0a9c142451dd2dace34798daeca47a1fae3ef2.dll (windows x86) 17dc570acf5e56ea60e883475c57251a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SizeofResource
SetFileAttributesW
GetStartupInfoW
UnhandledExceptionFilter
TerminateProcess
HeapSize
WriteConsoleW
CopyFileW
LoadLibraryA
SetErrorMode
FindNextFileW
FreeLibrary
TlsAlloc
GetLocalTime
Process32FirstW
GetTempPathW
CreateToolhelp32Snapshot
CreateEventW
GetCurrentThread
DeleteFileW
IsProcessorFeaturePresent
SetVolumeLabelW
GetCurrentProcess
GlobalFree
LeaveCriticalSection
OutputDebugStringW
QueryPerformanceFrequency
SetLastError
GetConsoleCP
DuplicateHandle
FileTimeToSystemTime
ReadProcessMemory
QueryPerformanceCounter
CreateProcessW
LocalFileTimeToFileTime
SetFilePointer
GlobalAlloc
CreateThread
DeleteCriticalSection
WriteProcessMemory
GetPrivateProfileSectionW
GetModuleFileNameW
GetOEMCP
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
LCMapStringW
GetEnvironmentVariableW
CreatePipe
SetEndOfFile
OpenProcess
SetStdHandle
GetWindowsDirectoryW
VirtualAlloc
SetUnhandledExceptionFilter
HeapCreate
GetDateFormatW
Beep
GetStdHandle
GetModuleHandleW
GetSystemDirectoryW
InterlockedDecrement
LoadResource
GetStringTypeW
WritePrivateProfileStringW
SetHandleCount
SetCurrentDirectoryW
WritePrivateProfileSectionW
RemoveDirectoryW
GetVersionExW
RaiseException
GetDriveTypeW
MultiByteToWideChar
CloseHandle
GetCommandLineA
HeapDestroy
GetModuleHandleA
LoadLibraryExA
VirtualProtect
WaitForSingleObject
ReadFile
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryW
VirtualFreeEx
TlsFree
FlushFileBuffers
SystemTimeToFileTime
GetComputerNameW
FindClose
GetFileType
FindFirstFileW
lstrcmpiW
lstrcpyW
GetFullPathNameW
GlobalMemoryStatusEx
FormatMessageW
GetTimeZoneInformation
GetVolumeInformationW
InterlockedExchange
GetACP
EnterCriticalSection
ResumeThread
GetFileAttributesW
GetProcAddress
HeapAlloc
WriteFile
LoadLibraryExW
GetSystemInfo
FindResourceW
EnumResourceNamesW
SetEvent
GlobalLock
SetFilePointerEx
GetLastError
CreateDirectoryW
SetEnvironmentVariableW
GetProcessIoCounters
GetFileSize
Process32NextW
ExitThread
IsValidCodePage
VirtualAllocEx
GetPrivateProfileStringW
DeviceIoControl
LoadLibraryW
GetTempFileNameW
GetCommandLineW
MulDiv
CreateFileW
LockResource
FreeEnvironmentStringsW
GetTimeFormatW
VirtualFree
SetPriorityClass
GetCPInfo
GetPrivateProfileSectionNamesW
InterlockedIncrement
GetCurrentProcessId
CompareStringW
GetCurrentThreadId
GetEnvironmentStringsW
Sleep
HeapReAlloc
ExitProcess
GetTickCount
IsDebuggerPresent
SetEnvironmentVariableA
GetProcessHeap
WideCharToMultiByte
HeapFree
GetConsoleMode
TlsSetValue
TlsGetValue
TerminateThread
lstrlenW
GetExitCodeProcess
GlobalUnlock
RtlUnwind
SetFileTime
GetShortPathNameW
MoveFileW
CreateHardLinkW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
user32
IsWindowVisible
GetProcessWindowStation
SetProcessWindowStation
wsprintfA
PostMessageA
CopyRect
SetWindowTextA
TranslateMessage
TrackPopupMenuEx
IsCharLowerA
MessageBeep
PtInRect
OpenClipboard
IsCharUpperA
InsertMenuItemA
SetMenuItemInfoA
EmptyClipboard
GetCaretPos
GetClientRect
WindowFromPoint
FrameRect
IsCharAlphaA
IsCharAlphaNumericA
FindWindowW
SetCursor
GetSubMenu
GetMenu
IsIconic
VkKeyScanW
EnumThreadWindows
IsClipboardFormatAvailable
IsWindowEnabled
IsZoomed
AdjustWindowRectEx
PeekMessageA
SetKeyboardState
MessageBoxA
MonitorFromRect
GetMenuItemInfoA
GetMenuStringA
CloseDesktop
IsMenu
DispatchMessageA
GetWindowThreadProcessId
GetSystemMetrics
CreateMenu
FindWindowExA
ReleaseDC
TranslateAcceleratorA
GetUserObjectSecurity
GetForegroundWindow
EnumWindows
DrawFrameControl
GetWindowRect
LoadCursorW
EnableWindow
SendMessageTimeoutA
CountClipboardFormats
MonitorFromPoint
RegisterWindowMessageA
SetWindowPos
EndPaint
DestroyIcon
CopyImage
RegisterClassExA
GetCursorInfo
RegisterHotKey
CloseWindowStation
RedrawWindow
mouse_event
CharLowerBuffA
LoadImageA
EndDialog
IsDialogMessageA
GetDlgItem
DrawTextA
CharNextA
GetDC
GetWindowTextW
SetTimer
GetDesktopWindow
DrawFocusRect
CharUpperBuffA
SetUserObjectSecurity
GetFocus
keybd_event
MoveWindow
GetMessageW
CloseClipboard
GetAsyncKeyState
OpenDesktopA
ScreenToClient
GetKeyState
BeginPaint
IsWindow
SendMessageA
SetFocus
SetActiveWindow
GetCursorPos
DeleteMenu
FlashWindow
SetMenuDefaultItem
LoadIconW
SetCapture
CreateWindowExA
GetWindowDC
PostQuitMessage
EnumChildWindows
InvalidateRect
GetMonitorInfoW
FillRect
IsDlgButtonChecked
GetClipboardData
SystemParametersInfoA
GetWindowLongW
AttachThreadInput
GetWindowTextLengthA
CreateAcceleratorTableA
ExitWindowsEx
SetClipboardData
GetKeyboardLayoutNameA
ReleaseCapture
CreateIconFromResourceEx
GetSysColor
InflateRect
ClientToScreen
GetClassNameA
DestroyAcceleratorTable
MapVirtualKeyA
UnregisterHotKey
GetMenuItemID
KillTimer
CheckMenuRadioItem
DestroyMenu
GetDlgCtrlID
LockWindowUpdate
SendDlgItemMessageA
GetClassLongA
GetKeyboardState
SetForegroundWindow
DestroyWindow
SetLayeredWindowAttributes
LoadStringW
GetMenuItemCount
SetWindowLongW
DialogBoxParamA
DrawMenuBar
DefWindowProcA
SendInput
SetMenu
DefDlgProcA
GetParent
CreatePopupMenu
gdi32
DeleteDC
CreateCompatibleBitmap
GetTextFaceW
GetDIBits
CreateDCW
MoveToEx
StrokeAndFillPath
PolyDraw
CreatePen
EndPath
CreateSolidBrush
GetPixel
CreateFontW
StrokePath
GetStockObject
RoundRect
GetDeviceCaps
SetBkMode
CloseFigure
BeginPath
StretchBlt
GetObjectW
SetViewportOrgEx
CreateCompatibleDC
AngleArc
SetBkColor
Rectangle
SetPixel
DeleteObject
GetTextExtentPoint32W
SetTextColor
SelectObject
LineTo
Ellipse
ExtCreatePen
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
LookupPrivilegeValueW
RegOpenKeyExW
AdjustTokenPrivileges
CreateProcessWithLogonW
CloseServiceHandle
GetLengthSid
OpenSCManagerW
CopySid
RegDeleteValueW
AddAce
UnlockServiceDatabase
GetAclInformation
GetUserNameW
CreateProcessAsUserW
GetTokenInformation
InitializeSecurityDescriptor
LockServiceDatabase
RegEnumValueW
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
RegConnectRegistryW
InitiateSystemShutdownExW
RegEnumKeyExW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
LogonUserW
GetAce
InitializeAcl
OpenThreadToken
RegQueryValueExW
DuplicateTokenEx
shell32
SHGetDesktopFolder
ShellExecuteExW
DragQueryPoint
Shell_NotifyIconW
ShellExecuteW
DragQueryFileW
SHGetMalloc
SHGetPathFromIDListW
SHFileOperationW
ExtractIconExW
SHGetFolderPathW
DragFinish
SHBrowseForFolderW
SHEmptyRecycleBinW
ole32
CoCreateInstanceEx
IIDFromString
OleSetMenuDescriptor
OleSetContainedObject
OleUninitialize
CoUninitialize
MkParseDisplayName
CoInitializeSecurity
CoInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
StringFromGUID2
ProgIDFromCLSID
OleInitialize
CoSetProxyBlanket
CoCreateInstance
CreateBindCtx
oleaut32
QueryPathOfRegTypeLi
VariantChangeType
SysFreeString
SafeArrayGetVartype
SysStringLen
VariantInit
OleLoadPicture
GetActiveObject
VariantCopy
SafeArrayAllocDescriptorEx
DispCallFunc
OACreateTypeLib2
SysAllocString
SafeArrayAllocData
VarR8FromDec
SafeArrayAccessData
VariantClear
SafeArrayUnaccessData
VariantTimeToSystemTime
VariantCopyInd
CreateDispTypeInfo
SafeArrayCreateVector
SafeArrayDestroyDescriptor
CreateStdDispatch
comctl32
ImageList_DragMove
ImageList_DragLeave
ImageList_Remove
ImageList_Create
ImageList_DragEnter
InitCommonControlsEx
ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_SetDragCursorImage
ImageList_BeginDrag
winmm
mciSendStringW
waveOutSetVolume
timeGetTime
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
wininet
FtpGetFileSize
InternetOpenW
InternetCloseHandle
InternetQueryDataAvailable
HttpSendRequestW
InternetReadFile
HttpOpenRequestW
FtpOpenFileW
HttpQueryInfoW
InternetConnectW
InternetCrackUrlW
InternetSetOptionW
InternetOpenUrlW
InternetQueryOptionW
wsock32
gethostname
closesocket
recvfrom
ntohs
WSACleanup
bind
select
listen
WSAStartup
inet_addr
ioctlsocket
__WSAFDIsSet
recv
sendto
send
htons
WSAGetLastError
accept
gethostbyname
connect
setsockopt
socket
mpr
WNetCancelConnection2W
WNetGetConnectionW
WNetAddConnection2W
WNetUseConnectionW
psapi
GetProcessMemoryInfo
EnumProcesses
EnumProcessModules
GetModuleBaseNameW
userenv
DestroyEnvironmentBlock
CreateEnvironmentBlock
LoadUserProfileW
UnloadUserProfile
Sections
.text Size: 484KB - Virtual size: 483KB (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.rdata Size: 97KB - Virtual size: 97KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.data Size: 263KB - Virtual size: 318KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.rsrc Size: 8KB - Virtual size: 7KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.reloc Size: 4KB - Virtual size: 4KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ)