c408274a5c71ed04d884e5cfdc11084403600c53294b87860b6ffc6030f4456a

Sharing

Copy URL Twitter E-mail

General

Target

c408274a5c71ed04d884e5cfdc11084403600c53294b87860b6ffc6030f4456a
Size

116KB
MD5

faf4aa35114c520d49ec2b3ba15306c8
SHA1

fe3f051330b8017fc0a3f6b82258166323fdb1c5
SHA256

c408274a5c71ed04d884e5cfdc11084403600c53294b87860b6ffc6030f4456a
SHA512

ff957cc14cc2c7b07a635c655baa877941ac1d6581cf6f17d25e1a02e57d47bd702504b804f52734aedebe71fc71be32af8d47d4d00c1864d9924435c1bf0bcd
SSDEEP

3072:7bqyjQCcZZhCQWvtctRgLkzBQux4hvzw:NjuvGtctRokNQ40

Score

N/A

Malware Config

Signatures

Files

c408274a5c71ed04d884e5cfdc11084403600c53294b87860b6ffc6030f4456a
.dll windows x86

f84bbeeaa84bd7f9e1d1789efafd8668

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PurgeComm
PeekConsoleInputA
UnlockFile
CreateJobObjectW
OutputDebugStringA
FindFirstChangeNotificationW
CreateEventW
GetSystemTime
SetComputerNameA
GetVersion
GetUserDefaultLCID
IsValidLocale
SetConsoleMaximumWindowSize
VerLanguageNameW
VirtualFreeEx
lstrcpyW
GetModuleHandleA
FreeLibrary
GetCommMask
CreateMailslotW
EnumResourceTypesA
lstrcatA
GetCPInfoExW
BuildCommDCBA
GlobalMemoryStatus
LocalAlloc
FindNextVolumeA
AddConsoleAliasA
SetMailslotInfo
ReleaseSemaphore
Process32NextW
ChangeTimerQueueTimer
GetProfileIntW
SetEvent
SearchPathA
GetCurrentProcess
GetNumberOfConsoleMouseButtons
EscapeCommFunction
FormatMessageA
ReadFile
LoadLibraryA
WaitForSingleObject
GetLocalTime
GetProcAddress
CancelWaitableTimer
WriteProfileSectionA
WriteProfileStringA
SetConsoleTitleA
LocalUnlock
VirtualAlloc
GetHandleInformation

user32

GetDialogBaseUnits
CharNextExA
SetProcessDefaultLayout
MapDialogRect
SetWindowsHookExA
OemToCharBuffA
SendNotifyMessageA
IMPGetIMEA
GetMenuBarInfo
SetMenuItemInfoW
SetCursorPos
CharLowerBuffA
LoadKeyboardLayoutA
ReleaseCapture
DdeQueryStringW
ExitWindowsEx
SetSysColors
MenuItemFromPoint
InSendMessage
CloseDesktop
MsgWaitForMultipleObjectsEx
LoadImageW
InSendMessageEx
PeekMessageA
ReleaseDC

gdi32

ExtCreatePen
CombineRgn
CreateDIBPatternBrush
EnumFontFamiliesW
GetGlyphIndicesW
EnumFontsA
DeleteDC
SetStretchBltMode
SelectObject
GetWindowOrgEx
GetLogColorSpaceW
GetNearestPaletteIndex
GetTextExtentPoint32A
PathToRegion
RemoveFontResourceExW
PolyPolyline
GetCharWidth32A
CreateRectRgnIndirect
CreateCompatibleBitmap
SetICMProfileW
GetROP2
FloodFill
GetGlyphOutlineW
CreateCompatibleDC
ExtTextOutA
Pie
SetICMProfileA
CreateDCW
GdiGetDevmodeForPage
SetPixelFormat
SetPolyFillMode
GetWorldTransform
AbortPath
LPtoDP
DPtoLP
GetLayout
CloseMetaFile
AddFontResourceExW
GetTextAlign
GetTextExtentPointI
GetRelAbs
DeleteEnhMetaFile
GetObjectA
SetBkColor
LineTo
CreatePatternBrush
GetStockObject
GetArcDirection
OffsetWindowOrgEx
RemoveFontMemResourceEx

opengl32

glTexCoord3d
glTexImage2D
wglCreateContext
glColor3sv
wglMakeCurrent
glEdgeFlag
glIndexi
wglDeleteContext
glColor4us

shell32

StrCmpNIA
StrRChrW

shlwapi

SHDeleteKeyW
SHQueryInfoKeyW
StrToIntW
PathIsSameRootA
PathFindExtensionW
PathGetArgsA
PathIsContentTypeA
SHDeleteValueA
PathBuildRootW
PathRemoveExtensionA
PathFindNextComponentW
StrCSpnIW
SHDeleteKeyA
PathStripPathA
UrlGetLocationW
StrToIntA
StrCSpnA
SHEnumValueW
PathRemoveExtensionW
PathRemoveArgsA
StrDupW
StrPBrkW
PathCreateFromUrlA
PathAddBackslashW
SHQueryInfoKeyA
PathRenameExtensionW
PathSkipRootW
SHEnumKeyExA
SHRegQueryInfoUSKeyW
PathIsFileSpecA
UrlCombineA
SHEnumValueA
PathRemoveFileSpecA
StrNCatW
PathFindExtensionA
PathIsSameRootW
PathMakeSystemFolderA
StrCpyW

version

VerInstallFileW

winspool.drv

ConvertUnicodeDevModeToAnsiDevmode
OpenPrinterA
SetJobW
SetPrinterDataA
DocumentPropertiesA

msvcrt

_mbsspnp
_mbsnextc
_mbccpy
_tempnam
feof
fwrite
ferror
_unlink
_findfirst
_getdllprocaddr
fsetpos
_stricmp
fread
_fpclass
ungetwc
_kbhit
isdigit
fprintf
fopen
fclose
_heapadd
_mbsstr
fseek
_gcvt
printf
__wargv
iswlower
strspn
sprintf
fwprintf
ftell
fputs
_wstat
_sys_nerr
memset
fputc

Exports

Exports

Ahxvmv
Btsnqdoakx
Fqozxxqlz
Qclihsy
Ruefmsmn
Ryqxrbu
Zspjksc

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f84bbeeaa84bd7f9e1d1789efafd8668

Headers

File Characteristics

Imports

kernel32

user32

gdi32

opengl32

shell32

shlwapi

version

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 52KB - Virtual size: 49KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 52KB - Virtual size: 49KB

.reloc
Size: 8KB - Virtual size: 6KB