ed965baaa61d952ba474a9d08d24cc5038108fc9ad68014e1e69f590f1dc5ddf

Sharing

Copy URL Twitter E-mail

General

Target

ed965baaa61d952ba474a9d08d24cc5038108fc9ad68014e1e69f590f1dc5ddf
Size

61KB
MD5

beadb66989b8c9c22d2df08616844375
SHA1

fd19b3b9dd60348ca09cd30d50e35d5161c21047
SHA256

ed965baaa61d952ba474a9d08d24cc5038108fc9ad68014e1e69f590f1dc5ddf
SHA512

a636e4963e5393838ad1a911c9305ac3af626a1a8eae7824fb5b97d55ddd8aec36547ece477a88b055a7124210ac38278126e96192ba220686c82fe27331fa33
SSDEEP

1536:ZCQic/U7xRfkmbG5GlL6T2bCrbhxIiHDKLURCqB9QEB:EQuvkmyO+AsDKLNqBS

Score

N/A

Malware Config

Signatures

Files

ed965baaa61d952ba474a9d08d24cc5038108fc9ad68014e1e69f590f1dc5ddf
.dll windows x86

ad9b2067c352cf26527226a7edb0e53b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardType
GetCapture
ChildWindowFromPointEx
ReuseDDElParam
FillRect
CreateMenu
SendDlgItemMessageA
PeekMessageA
GetCursorPos
DestroyMenu
RegisterClassW
GetDlgItem
ToAscii
IsWindow
PostMessageA
SubtractRect
CreatePopupMenu
GetMenuItemInfoW
SetFocus
SetWindowPlacement
SetClassLongA
CharUpperBuffW
GetMessageA
PtInRect
SetMenu
IsDialogMessageA
IsZoomed
EndPaint
SetCaretPos
LoadStringW
GetWindowDC
GetMenuStringW
GetKeyNameTextW
GetWindowTextLengthW

gdi32

CreatePen
CreateDCA
GetEnhMetaFileBits
Polygon
GetStockObject
CopyEnhMetaFileA
GetDCOrgEx
RealizePalette
ExcludeClipRect
GetClipBox
ExtCreatePen
GetWindowOrgEx
GetBrushOrgEx
CreateDIBitmap
SaveDC
GetClipRgn
GetPixel
CreatePatternBrush
RectVisible
SetTextCharacterExtra
GetPaletteEntries
DeleteEnhMetaFile

oleaut32

SafeArrayCreate
SysAllocStringLen
SysAllocStringByteLen
SafeArrayDestroy

kernel32

GetModuleHandleA
VirtualQuery
HeapFree
WaitForMultipleObjects
UnmapViewOfFile
GetCommandLineA
GetStringTypeExA
MoveFileA
CloseHandle
GetTempPathA
VirtualQuery
SetErrorMode
FindFirstFileA
GetDiskFreeSpaceA
SuspendThread
GetCurrentProcess
MulDiv
GetModuleFileNameW
TerminateThread
OpenProcess
CreateFileMappingA
CreateFileA
GetComputerNameA
TerminateProcess
ExitProcess
SetThreadLocale
GetLocaleInfoA
GetComputerNameA
GetACP
EnterCriticalSection
lstrlenW
VirtualFree
MapViewOfFile

imm32

ImmReleaseContext

shell32

DragAcceptFiles
SHGetDesktopFolder
DragQueryFileA

dbghuoui

_Nan
_Strxfrm
_FExp
_LSnan
_Dtest
_Hugeval
_LRteps
_LDenorm
_LDtest

ole32

IsAccelerator
OleSetMenuDescriptor
CoCreateGuid
CoInitialize

wininet

InternetSetOptionA
InternetConnectA
FtpOpenFileA

winmm

timeBeginPeriod
PlaySoundA

advapi32

RegQueryValueExW
RegCloseKey
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA

comctl32

ImageList_GetIconSize
ImageList_DragMove
ImageList_GetDragImage
ImageList_Remove

comdlg32

ChooseColorA

Exports

Exports

CreateProcessNotify
DllClientCleanup
AllocADsMem
BuildADsPathFromParent
atmaull0
DllClientStartup

Sections

.text
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad9b2067c352cf26527226a7edb0e53b

Headers

File Characteristics

Imports

user32

gdi32

oleaut32

kernel32

imm32

shell32

dbghuoui

ole32

wininet

winmm

advapi32

comctl32

comdlg32

Exports

Exports

Sections

.text Size: 42KB - Virtual size: 44KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 44KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB