abc8691af529fba7fc7caff0f99c5091f346dda831bde861502c02fb3bd32721

Sharing

Copy URL Twitter E-mail

General

Target

abc8691af529fba7fc7caff0f99c5091f346dda831bde861502c02fb3bd32721
Size

224KB
MD5

135656bd8e145d98e4c7477b8e59fd8a
SHA1

1ecead211d85fe128348bc8c9bfb3ed88ac7e978
SHA256

abc8691af529fba7fc7caff0f99c5091f346dda831bde861502c02fb3bd32721
SHA512

85f911982e89d15e70505da0547013e547bcc14af734fb303aa27decc81fb2162f82015660cd3aaea86eb12e5e385124d4f1d761c3d2aa95b758c782d5bf3ab6
SSDEEP

6144:LqQ27WfISZH/GUH3UzjaKR7bUxFO6Q1FAQU:GSfpH/G3j1RHutQkQ

Score

N/A

Malware Config

Signatures

Files

abc8691af529fba7fc7caff0f99c5091f346dda831bde861502c02fb3bd32721
.dll windows x86

c9be434f626592d727e9c9ce48926d84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
wnsprintfA
PathIsRelativeW
PathFindFileNameA
PathFindExtensionA
PathFindFileNameW
SHCreateStreamOnFileW
PathIsURLW
UrlIsW
PathCreateFromUrlW
PathStripPathW
PathRemoveExtensionW
UrlCanonicalizeW
PathMakePrettyW
UrlGetPartW

urlmon

URLDownloadToCacheFileW

kernel32

EnterCriticalSection
LeaveCriticalSection
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
lstrlenW
GetModuleHandleW
GetLastError
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
lstrcpynW
GlobalUnlock
GlobalLock
GlobalReAlloc
GlobalSize
GlobalAlloc
GetSystemDefaultLCID
GetUserDefaultLCID
LoadLibraryW
LockResource
FormatMessageW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualProtect
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcAddress
HeapFree
HeapAlloc
GetProcessHeap
GetVersionExA
Sleep
GlobalFree
CreateFileW
ReadFile
CloseHandle
FileTimeToSystemTime
GetOEMCP
GetCurrencyFormatW
GetCurrencyFormatA
GetTimeFormatW
GetTimeFormatA
GetDateFormatW
GetDateFormatA
IsBadStringPtrW
OutputDebugStringW
GetLocaleInfoW
DisableThreadLibraryCalls
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetSystemDefaultLangID
CompareStringW
SetLastError
GetStringTypeW
GetStringTypeExW
LCMapStringW
CreateFileA
GetFileType
GetFileTime
GetFileSize
SetFilePointer
GetACP
InterlockedExchange
GetUserDefaultLangID
SetCurrentDirectoryW
GetCurrentDirectoryW
lstrcmpiA
LoadLibraryExA
MulDiv
GetSystemInfo
WideCharToMultiByte
LocalFree
WriteFile
WaitForSingleObject
GetCurrentDirectoryA
SearchPathA
LocalHandle
LocalUnlock
LocalAlloc
LocalLock
LoadLibraryA
GetCPInfo
GlobalHandle
IsDBCSLeadByteEx
OutputDebugStringA
GetVersion
GetFileAttributesW
GetModuleHandleA
GetCurrentThread
ResumeThread
CreateThread
ExitThread
InterlockedCompareExchange
CreateEventA
SetEvent
VirtualAlloc
VirtualFree
GetStdHandle
CreateEventW

oleaut32

SysFreeString
SysAllocString
SysStringLen
VarUI4FromStr
SetErrorInfo
CreateErrorInfo
SafeArrayGetUBound
OleCreatePictureIndirect
VarBstrCmp
QueryPathOfRegTypeLi
VariantInit
VariantClear
GetErrorInfo
SysAllocStringLen
SafeArrayGetElement
SafeArrayCreateVector
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
VariantChangeType
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound

ole32

CoFileTimeNow
CoUninitialize
CoInitializeEx
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
ReadClassStg
OleInitialize
OleLoad
GetHGlobalFromStream
FreePropVariantArray
PropVariantClear
StgOpenStorage
CoTaskMemFree
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemRealloc
ReleaseStgMedium
CoCreateGuid
CoCreateInstance
ReadClassStm

usp10

ScriptItemize
ScriptPlace
ScriptShape
ScriptJustify
ScriptTextOut
ScriptCPtoX
ScriptXtoCP
ScriptFreeCache
ScriptCacheGetHeight
ScriptGetFontProperties
ScriptApplyDigitSubstitution
ScriptRecordDigitSubstitution
ScriptGetProperties
ScriptGetCMap
ScriptLayout
ScriptBreak
ScriptGetLogicalWidths
ScriptGetGlyphABCWidth
ScriptIsComplex

msls31

ord43
ord48
ord50
ord49
ord42
ord2
ord51
ord52
ord1
ord66
ord63
ord71
ord40
ord5
ord44
ord72
ord3
ord67

Sections

CODE
Size: 182KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.abss
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.atls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9be434f626592d727e9c9ce48926d84

Headers

File Characteristics

Imports

shlwapi

urlmon

kernel32

oleaut32

ole32

usp10

msls31

Sections

CODE Size: 182KB - Virtual size: 440KB

.abss Size: - Virtual size: 472KB

.pdata Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.atls Size: 4KB - Virtual size: 4KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 23KB - Virtual size: 23KB

CODE
Size: 182KB - Virtual size: 440KB

.abss
Size: - Virtual size: 472KB

.pdata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.atls
Size: 4KB - Virtual size: 4KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 23KB - Virtual size: 23KB