942655574b7b3a6e39e4e89b4ab1a3cbf5958a382ce3525d488117259d936590

Sharing

Copy URL

Twitter E-mail

General

Target

942655574b7b3a6e39e4e89b4ab1a3cbf5958a382ce3525d488117259d936590
Size

361KB
MD5

4efbe95e1a60d8777906575513838fe2
SHA1

1c9816bedcf50e1f5c61c1cd41725565306cb720
SHA256

942655574b7b3a6e39e4e89b4ab1a3cbf5958a382ce3525d488117259d936590
SHA512

de6154bbfa13eb8ea3c26c5b7788f2db74702c2aeda301c1a02899994a699d7c65a9c06fb3e48cc0531363e3bf1e51b2c75294fd5743f637616247976ba53e64
SSDEEP

6144:c1I33y++9qh+WtRZsT5Mem7JvQODop6abluagy4:EI33y+BvZ65RGvQODop6abluagy

Score

N/A

Malware Config

Signatures

Files

942655574b7b3a6e39e4e89b4ab1a3cbf5958a382ce3525d488117259d936590
.dll windows x86

3b078eb077e2a25759b894679eb1958e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyA

urlmon

CoInternetCreateSecurityManager
IsValidURL

wininet

InternetCrackUrlA
InternetReadFile
InternetTimeToSystemTime
HttpQueryInfoA
InternetErrorDlg
HttpSendRequestA
HttpAddRequestHeadersA
InternetTimeFromSystemTime
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCloseHandle

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shell32

SHGetFileInfoA
ShellExecuteExA

kernel32

FindFirstFileA
GetLongPathNameA
GetModuleFileNameA
lstrcmpiA
GetModuleHandleA
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
lstrlenW
MultiByteToWideChar
lstrlenA
GetLastError
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
GetDiskFreeSpaceA
GetProcAddress
GetCurrentThreadId
LockResource
MulDiv
GlobalUnlock
GlobalLock
GetTempPathA
CloseHandle
GetExitCodeProcess
CreateProcessA
SetLastError
GlobalFree
GlobalHandle
GetTempFileNameA
lstrcatA
WriteFile
SetEndOfFile
SetFilePointer
CompareFileTime
SystemTimeToFileTime
FindClose
FileTimeToSystemTime
GetFileTime
GetFileSize
CreateFileA
lstrcpyA
SetEvent
CreateThread
CreateEventA
GlobalMemoryStatus
GetShortPathNameA
LoadLibraryA
GetSystemDirectoryA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
IsBadCodePtr
IsBadReadPtr
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ReadFile
GetCPInfo
GetOEMCP
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
TlsAlloc
HeapSize
TerminateProcess
ExitProcess
IsBadWritePtr
FatalAppExitA
HeapCreate
HeapDestroy
GetCommandLineA
GetSystemTimeAsFileTime
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
lstrcmpA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetCurrentDirectoryA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
SetConsoleCtrlHandler
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToLocalFileTime
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA
Sleep

gdi32

DPtoLP
SetWindowOrgEx
SetViewportOrgEx
ModifyWorldTransform
SetGraphicsMode
SaveDC
StretchBlt
SetBkMode
SetTextColor
RestoreDC
CreateSolidBrush
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
CreateFontIndirectA
GetStockObject

wsock32

gethostbyname
inet_addr
gethostbyaddr
ioctlsocket

comctl32

ord17

wintrust

WinVerifyTrust

shlwapi

PathIsURLA
PathFileExistsA

ole32

StringFromCLSID
OleUninitialize
OleInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromString
CLSIDFromProgID

oleaut32

SysStringByteLen
LoadTypeLi
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysStringLen
SysAllocStringLen
SysAllocString
VarUI4FromStr
SysFreeString

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 88KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 192KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 132B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b078eb077e2a25759b894679eb1958e

Headers

File Characteristics

Imports

advapi32

urlmon

wininet

version

shell32

kernel32

gdi32

wsock32

comctl32

wintrust

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 160KB

.bss Size: - Virtual size: 192KB

.pdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 132B

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 250KB - Virtual size: 249KB

.reloc Size: 4KB - Virtual size: 216B

.text
Size: 88KB - Virtual size: 160KB

.bss
Size: - Virtual size: 192KB

.pdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 132B

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 250KB - Virtual size: 249KB

.reloc
Size: 4KB - Virtual size: 216B