a6113ed2e2cc21560a52886168e64ac2cfd1f9311eeff7d76dfc94b591d1142f

Sharing

Copy URL Twitter E-mail

General

Target

a6113ed2e2cc21560a52886168e64ac2cfd1f9311eeff7d76dfc94b591d1142f
Size

320KB
MD5

95aec8957183fe36c5de6a7d9e6c1d1c
SHA1

acc2c43ccee3d7522310df0c9ebe58f619571adb
SHA256

a6113ed2e2cc21560a52886168e64ac2cfd1f9311eeff7d76dfc94b591d1142f
SHA512

3305302c79a56b2132f7f708025b8673bcf189541856f6e6ba749e9928b0164e8e1ee2119d6206eb83423d2a7d0bd934a5e5057f7f6d0b68bcc5ad30bd17a84e
SSDEEP

6144:7Sp+MfXL8VtKDRIyNyNfxSSB5qmYPWAmLLmt3eIXi0Hjoum0hl:7Sp+MvL8YRFoNfZ70WA4K1eIyYou7l

Score

N/A

Malware Config

Signatures

Files

a6113ed2e2cc21560a52886168e64ac2cfd1f9311eeff7d76dfc94b591d1142f
.dll windows x86

bb8933ac82b8a62d2337c28eec925142

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

socket
shutdown
setsockopt
sendto
send
select
recvfrom
recv
ioctlsocket
inet_addr
htons
htonl
getsockname
gethostname
gethostbyname
connect
closesocket
bind
__WSAFDIsSet
WSAStartup
WSASetLastError
WSASend
WSARecv
WSAGetLastError
WSACleanup

shlwapi

PathFindExtensionA
PathFindFileNameA
SHDeleteKeyA

advapi32

RegQueryValueExA
RegQueryValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetValueExA

kernel32

CloseHandle
CompareStringA
CompareStringW
ConvertDefaultLocale
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
EnumResourceLanguagesA
EnumSystemLocalesA
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExA
GetDriveTypeA
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockResource
MapViewOfFile
MoveFileA
MulDiv
MultiByteToWideChar
OpenEventA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
RemoveDirectoryA
ResetEvent
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpW
lstrlenA

oleaut32

VariantChangeType
VariantClear
VariantInit

shell32

Shell_NotifyIconA
ShellExecuteA
Shell_NotifyIconW

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

user32

WinHelpA
ValidateRect
UpdateWindow
UnregisterClassA
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcA
CheckMenuItem
ClientToScreen
CopyRect
CreateDialogIndirectParamA
CreateWindowExA
DefWindowProcA
DestroyMenu
DestroyWindow
DispatchMessageA
DrawIcon
DrawTextA
DrawTextExA
DrawTextW
EnableMenuItem
EnableWindow
EndDialog
EndPaint
GetActiveWindow
GetCapture
GetClassInfoA
GetClassInfoExA
GetClassLongA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMessageA
GetMessagePos
GetMessageTime
GetNextDlgTabItem
GetParent
GetPropA
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
GrayStringA
InflateRect
IsDialogMessageA
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MapWindowPoints
MessageBoxA
MessageBoxW
ModifyMenuA
MoveWindow
OffsetRect
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
RegisterWindowMessageA
ReleaseDC
RemovePropA
SendDlgItemMessageA
SendMessageA
SendMessageW
SetActiveWindow
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetPropA
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowWindow
SystemParametersInfoA
TabbedTextOutA
TranslateMessage
UnhookWindowsHookEx

gdi32

PtVisible
OffsetViewportOrgEx
GetStockObject
GetObjectA
GetDeviceCaps
GetClipBox
RectVisible
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateBitmap
BitBlt
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
TextOutA
ExtTextOutA

Exports

Exports

Win32MiniDumpInit

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb8933ac82b8a62d2337c28eec925142

Headers

File Characteristics

Imports

ws2_32

shlwapi

advapi32

kernel32

oleaut32

shell32

version

winspool.drv

user32

gdi32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 160KB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 80KB - Virtual size: 1.6MB

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 160KB - Virtual size: 160KB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 80KB - Virtual size: 1.6MB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 20KB - Virtual size: 20KB