Static task: static1
Behavioral task: behavioral1
Sample: 7c57cd7cdb06bf88a85e93bf9b9806276212c5c5dff9f489920160fa8d8a2e00.dll
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 7c57cd7cdb06bf88a85e93bf9b9806276212c5c5dff9f489920160fa8d8a2e00.dll
Resource: win10v2004-20220812-en
General
Target: 7c57cd7cdb06bf88a85e93bf9b9806276212c5c5dff9f489920160fa8d8a2e00
Size: 855KB
MD5: c42220230451b4d3a152171d1b1e25e0
SHA1: 66b4cc01368cf02a8a1bfa91dea73a52cbf7ab9d
SHA256: 7c57cd7cdb06bf88a85e93bf9b9806276212c5c5dff9f489920160fa8d8a2e00
SHA512: d40df24a8e3d8c63d6679969c56913a2d108a380483189900024db7e45c12c06773984c882b8ca1565337031d71e5ae984259ed5885a0d4aed76b8de8d47a487
SSDEEP: 24576:hOY1/RYXDHiuMz7oGJKmFL6gmI0C1vRv:hOYROD6zImoTD+
Malware Config
Signatures
Files
7c57cd7cdb06bf88a85e93bf9b9806276212c5c5dff9f489920160fa8d8a2e00.dll windows x86
f008456f280dc251cecc6620114580af
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpyW
GetACP
RemoveDirectoryW
GlobalUnlock
GetVersionExW
InterlockedIncrement
GetConsoleCP
GetSystemTimeAsFileTime
MulDiv
GetProcAddress
EnumResourceNamesW
GetLocalTime
LCMapStringW
GetCurrentThreadId
GetStdHandle
SetPriorityClass
GetStringTypeW
GetModuleHandleW
RaiseException
GetStartupInfoW
HeapCreate
VirtualFree
SystemTimeToFileTime
SetFilePointerEx
CreateThread
FileTimeToLocalFileTime
TlsSetValue
GetWindowsDirectoryW
GetDateFormatW
SetFilePointer
GetTempFileNameW
SetStdHandle
CreateDirectoryW
CreateFileW
FlushFileBuffers
GetFullPathNameW
CreateToolhelp32Snapshot
CreateHardLinkW
DeviceIoControl
FindNextFileW
SetEvent
WriteProcessMemory
GetComputerNameW
IsValidCodePage
GetVolumeInformationW
CreateEventW
SetEnvironmentVariableA
lstrcmpiW
lstrlenW
GetPrivateProfileStringW
GetShortPathNameW
FindResourceW
HeapReAlloc
QueryPerformanceCounter
LoadLibraryExW
GetCommandLineW
TlsFree
Process32NextW
OpenProcess
GetEnvironmentStringsW
SetHandleCount
SetVolumeLabelW
GetCurrentProcess
GlobalFree
GlobalAlloc
HeapAlloc
GetCurrentThread
GetCurrentProcessId
CreatePipe
GetTimeFormatW
CopyFileW
LoadLibraryW
FormatMessageW
GetCommandLineA
GetModuleHandleA
LoadLibraryExA
VirtualProtect
GetConsoleCursorInfo
GetDiskFreeSpaceW
GetSystemDirectoryW
GlobalMemoryStatusEx
Beep
SetFileAttributesW
GetLastError
FreeEnvironmentStringsW
RtlUnwind
LoadResource
GetOEMCP
GetFileType
ReadFile
ReadProcessMemory
CreateProcessW
TlsAlloc
SizeofResource
WaitForSingleObject
FindClose
EnterCriticalSection
SetEnvironmentVariableW
SetCurrentDirectoryW
GetTimeZoneInformation
LoadLibraryA
CompareStringW
Process32FirstW
IsDebuggerPresent
TerminateProcess
InterlockedExchange
GetPrivateProfileSectionW
GetProcessHeap
GetModuleFileNameW
SetFileTime
WritePrivateProfileStringW
GetPrivateProfileSectionNamesW
TlsGetValue
WritePrivateProfileSectionW
GetCurrentDirectoryW
ResumeThread
SetLastError
GetDiskFreeSpaceExW
WriteConsoleW
GetSystemInfo
GetTickCount
ExitThread
VirtualFreeEx
CloseHandle
HeapFree
FreeLibrary
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
FindFirstFileW
MoveFileW
SetUnhandledExceptionFilter
GetDriveTypeW
GetCPInfo
TerminateThread
InterlockedDecrement
GetFileSize
OutputDebugStringW
GetConsoleMode
SetErrorMode
GetEnvironmentVariableW
GetExitCodeProcess
WriteFile
MultiByteToWideChar
LocalFileTimeToFileTime
DeleteCriticalSection
DeleteFileW
GetProcessIoCounters
UnhandledExceptionFilter
FileTimeToSystemTime
QueryPerformanceFrequency
Sleep
GlobalLock
ExitProcess
GetFileAttributesW
WideCharToMultiByte
IsProcessorFeaturePresent
HeapSize
SetEndOfFile
VirtualAlloc
DuplicateHandle
LockResource
GetTempPathW
VirtualAllocEx
user32
keybd_event
MessageBeep
MoveWindow
CreateIconFromResourceEx
mouse_event
IsDialogMessageA
PostMessageA
CreateWindowExA
IsDlgButtonChecked
SetMenuDefaultItem
TranslateAcceleratorA
CharUpperBuffA
SetActiveWindow
SetFocus
VkKeyScanW
IsCharAlphaA
SetUserObjectSecurity
SendMessageTimeoutA
EmptyClipboard
SendDlgItemMessageA
GetMenu
DeleteMenu
GetDlgCtrlID
GetUserObjectSecurity
CreateMenu
SetWindowLongW
GetParent
MonitorFromPoint
GetForegroundWindow
OpenClipboard
LoadImageA
GetCursorPos
DefDlgProcA
CharLowerBuffA
TrackPopupMenuEx
GetSysColor
BeginPaint
LockWindowUpdate
InsertMenuItemA
CharNextA
LoadIconW
PostQuitMessage
SetCapture
FindWindowW
CreatePopupMenu
GetDC
IsMenu
IsCharAlphaNumericA
IsCharLowerA
GetCaretPos
GetSubMenu
IsWindowVisible
SetWindowPos
GetClipboardData
LoadCursorW
SetWindowTextA
GetMessageW
GetWindowTextLengthA
GetMenuItemCount
DestroyMenu
DestroyIcon
GetFocus
MapVirtualKeyA
InvalidateRect
GetWindowThreadProcessId
AdjustWindowRectEx
DrawTextA
GetMenuItemID
DefWindowProcA
SetKeyboardState
GetDesktopWindow
GetWindowRect
CountClipboardFormats
IsWindowEnabled
CloseClipboard
DialogBoxParamA
FrameRect
GetMenuItemInfoA
FlashWindow
GetWindowLongW
SendInput
IsClipboardFormatAvailable
IsIconic
SetForegroundWindow
GetSystemMetrics
IsCharUpperA
ReleaseDC
ReleaseCapture
WindowFromPoint
GetAsyncKeyState
EnumThreadWindows
SetProcessWindowStation
GetWindowDC
DrawMenuBar
FindWindowExA
CloseWindowStation
SetClipboardData
DestroyWindow
GetKeyState
CheckMenuRadioItem
GetCursorInfo
GetProcessWindowStation
AttachThreadInput
EndPaint
CopyRect
KillTimer
GetKeyboardLayoutNameA
SetCursor
EnumChildWindows
GetKeyboardState
SendMessageA
RegisterHotKey
SetMenuItemInfoA
GetMenuStringA
GetClientRect
OpenDesktopA
LoadStringW
PtInRect
IsZoomed
DrawFrameControl
SetTimer
GetClassNameA
CreateAcceleratorTableA
InflateRect
CopyImage
PeekMessageA
EnableWindow
GetDlgItem
SystemParametersInfoA
GetMonitorInfoW
DrawFocusRect
DispatchMessageA
EnumWindows
TranslateMessage
MessageBoxA
MonitorFromRect
RegisterClassExA
EndDialog
GetClassLongA
ClientToScreen
SetLayeredWindowAttributes
SetMenu
CloseDesktop
RedrawWindow
UnregisterHotKey
ScreenToClient
ExitWindowsEx
FillRect
wsprintfA
GetWindowTextW
DestroyAcceleratorTable
IsWindow
RegisterWindowMessageA
gdi32
GetTextExtentPoint32W
CreateFontW
MoveToEx
Ellipse
SetViewportOrgEx
ExtCreatePen
DeleteObject
GetPixel
CreateDCW
BeginPath
PolyDraw
SetTextColor
GetObjectW
DeleteDC
LineTo
GetStockObject
EndPath
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
CloseFigure
GetDIBits
CreatePen
SetBkColor
GetDeviceCaps
RoundRect
StretchBlt
StrokeAndFillPath
AngleArc
SetBkMode
GetTextFaceW
StrokePath
Rectangle
CreateCompatibleDC
SetPixel
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
LockServiceDatabase
GetUserNameW
GetSecurityDescriptorDacl
InitiateSystemShutdownExW
UnlockServiceDatabase
GetLengthSid
AdjustTokenPrivileges
CloseServiceHandle
AddAce
GetAce
LookupPrivilegeValueW
RegCloseKey
CreateProcessWithLogonW
InitializeSecurityDescriptor
LogonUserW
OpenThreadToken
RegQueryValueExW
RegEnumKeyExW
CreateProcessAsUserW
RegDeleteKeyW
RegDeleteValueW
GetTokenInformation
DuplicateTokenEx
OpenSCManagerW
RegEnumValueW
RegCreateKeyExW
GetAclInformation
RegOpenKeyExW
CopySid
SetSecurityDescriptorDacl
RegConnectRegistryW
InitializeAcl
RegSetValueExW
shell32
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteW
ShellExecuteExW
DragFinish
DragQueryPoint
DragQueryFileW
SHGetFolderPathW
SHGetDesktopFolder
Shell_NotifyIconW
ExtractIconExW
SHEmptyRecycleBinW
SHFileOperationW
SHBrowseForFolderW
ole32
OleSetMenuDescriptor
CoSetProxyBlanket
CoInitializeSecurity
CLSIDFromProgID
OleUninitialize
CoCreateInstance
ProgIDFromCLSID
CreateBindCtx
CLSIDFromString
MkParseDisplayName
OleInitialize
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstanceEx
CoTaskMemAlloc
OleSetContainedObject
CoInitialize
IIDFromString
StringFromGUID2
CoUninitialize
oleaut32
SafeArrayCreateVector
SafeArrayGetVartype
CreateDispTypeInfo
VarR8FromDec
VariantChangeType
SysStringLen
DispCallFunc
QueryPathOfRegTypeLi
OleLoadPicture
SafeArrayAllocDescriptorEx
SafeArrayAccessData
VariantClear
SafeArrayUnaccessData
SysFreeString
SysAllocString
SafeArrayAllocData
VariantCopy
VariantTimeToSystemTime
VariantCopyInd
CreateStdDispatch
SafeArrayDestroyDescriptor
OACreateTypeLib2
VariantInit
GetActiveObject
comctl32
ImageList_DragLeave
ImageList_SetDragCursorImage
ImageList_Create
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_Destroy
ImageList_Remove
ImageList_BeginDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_EndDrag
winmm
mciSendStringW
timeGetTime
waveOutSetVolume
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
wininet
HttpSendRequestW
InternetCloseHandle
InternetOpenUrlW
InternetSetOptionW
FtpGetFileSize
InternetConnectW
InternetQueryDataAvailable
FtpOpenFileW
InternetCrackUrlW
InternetReadFile
InternetOpenW
InternetQueryOptionW
HttpOpenRequestW
HttpQueryInfoW
wsock32
WSACleanup
WSAStartup
gethostname
send
select
gethostbyname
htons
sendto
accept
ioctlsocket
recvfrom
bind
recv
setsockopt
socket
connect
closesocket
listen
inet_addr
WSAGetLastError
__WSAFDIsSet
ntohs
mpr
WNetGetConnectionW
WNetUseConnectionW
WNetCancelConnection2W
WNetAddConnection2W
psapi
EnumProcessModules
GetProcessMemoryInfo
EnumProcesses
GetModuleBaseNameW
Sections
.text Size: 482KB - Virtual size: 482KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 97KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 262KB - Virtual size: 288KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ