aa2cff853acc3231d6f020db56bf6e166fbc50c3b573ffd62d9a8d7376a285e6

Sharing

Copy URL Twitter E-mail

General

Target

aa2cff853acc3231d6f020db56bf6e166fbc50c3b573ffd62d9a8d7376a285e6
Size

582KB
MD5

35fe4824df7e751e383ac1ce190d8953
SHA1

243c19814ddfb545d74b4cf3bad51420f1846cd0
SHA256

aa2cff853acc3231d6f020db56bf6e166fbc50c3b573ffd62d9a8d7376a285e6
SHA512

1ccaaed0b7a49bef9df2255845fcf0dc069d1da1f7f4deee5e0dffa9f37afb5dc26f41dcbc69a479123987e8553be8a33f2f36f698ffc997f2c918bb98533676
SSDEEP

12288:ap1ua5ghlBD2QKOzGSl9bsXAetpmXZS77cYkT:XrZzvbAAapmXZS7wJT

Score

N/A

Malware Config

Signatures

Files

aa2cff853acc3231d6f020db56bf6e166fbc50c3b573ffd62d9a8d7376a285e6
.dll windows x86

eef9ed4630c97a83afd4e94ee3740790

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCrackUrlW
InternetOpenUrlW
InternetCanonicalizeUrlW
InternetOpenW
InternetSetOptionW
InternetConnectW
HttpOpenRequestW
HttpSendRequestExW
InternetWriteFile
HttpQueryInfoW
InternetQueryOptionW
InternetReadFile
InternetCloseHandle
InternetSetCookieExW
InternetGetCookieExW
InternetReadFileExA
HttpEndRequestW
InternetErrorDlg

oleacc

AccessibleObjectFromEvent

shell32

SHBrowseForFolderW
ShellExecuteW
SHGetFolderPathW
SHGetPathFromIDListW

kernel32

GetLastError
LocalFree
FormatMessageW
GlobalMemoryStatus
CreateMutexW
CloseHandle
WaitForSingleObject
ReleaseMutex
GetCurrentProcessId
GetExitCodeProcess
CreateProcessW
GetStartupInfoW
FreeLibrary
GetProcAddress
LoadLibraryW
OpenProcess
GetCurrentThreadId
GetLocaleInfoW
IsBadCodePtr
Sleep
CreateFileW
GetModuleHandleW
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentProcess
GetVersionExW
GetSystemWow64DirectoryW
FileTimeToSystemTime
SystemTimeToFileTime
DeleteFileW
RemoveDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
SetFileTime
WriteFile
CreateDirectoryW
LockResource
SizeofResource
LoadResource
FindResourceW
VirtualAlloc
VirtualFree
SetFileAttributesW
CopyFileW
GetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
GetTickCount
GetSystemTime
GetModuleFileNameW
SetThreadPriority
WaitForMultipleObjects
GetTempPathW
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenW
GetPrivateProfileIntW
HeapSize
EnterCriticalSection
LeaveCriticalSection
IsBadReadPtr
DeleteCriticalSection
CreateEventW
SetEvent
FindNextChangeNotification
FindFirstChangeNotificationW
GetFileTime
GetShortPathNameW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
Module32NextW
Module32FirstW
InterlockedIncrement
InterlockedDecrement
LoadLibraryExW
lstrcmpiW
RaiseException
SetFilePointer
GetLocalTime
CreateThread
ReadFile
GetFileSize
ExitProcess
HeapDestroy
HeapCreate
SetLastError
TlsFree
TlsSetValue
TlsAlloc
LCMapStringW
TlsGetValue
GetCommandLineA
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
RtlUnwind
GetTimeZoneInformation
GetModuleHandleA
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
GetTimeFormatA
GetDateFormatA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
IsBadWritePtr
WideCharToMultiByte
MultiByteToWideChar
GetStdHandle
GetACP
InitializeCriticalSection
GetModuleFileNameA
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
CreateFileA
CompareStringA
CompareStringW
GetPrivateProfileStringW
SetEnvironmentVariableA

user32

OpenClipboard
EmptyClipboard
GetParent
SetWinEventHook
UnhookWinEvent
PostThreadMessageW
CharNextW
PostMessageW
ReleaseDC
GetDC
IsWindow
GetClientRect
CloseClipboard
GetWindowTextW
GetClassNameW
EnumChildWindows
GetLastInputInfo
GetDlgItem
GetWindowRect
MapWindowPoints
DestroyWindow
GetKeyboardLayout
GetForegroundWindow
SetForegroundWindow
SetFocus
EnumWindows
LockSetForegroundWindow
GetWindowLongW
SetWindowLongW
FindWindowW
GetWindowThreadProcessId
GetDesktopWindow
SetClipboardData
MapVirtualKeyW
SendInput
ShowWindow
SendMessageW
wsprintfW
SetWindowPos
AttachThreadInput

gdi32

SelectObject
GetTextExtentPoint32W
TranslateCharsetInfo
DeleteDC

comdlg32

GetOpenFileNameW

advapi32

RegCreateKeyExW
ConvertSidToStringSidW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegEnumValueW
RegQueryValueExW
RegSetValueExW
OpenProcessToken
DuplicateTokenEx
AllocateAndInitializeSid
GetLengthSid
SetTokenInformation
FreeSid
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegNotifyChangeKeyValue
RegDeleteValueW
RegQueryInfoKeyW
GetCurrentHwProfileW
IsValidSid

ole32

CoCreateInstance
CoSetProxyBlanket
CoTaskMemFree
CoUninitialize
CoInitialize
CLSIDFromString
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString
VariantInit
SysStringLen
VarUI4FromStr
SysStringByteLen
SysAllocStringByteLen
VariantClear

shlwapi

StrStrIW
PathAddBackslashW
PathRemoveBackslashW
PathFindFileNameW
PathFindExtensionW

psapi

EnumProcessModules
GetModuleBaseNameW
GetModuleFileNameExW
GetProcessImageFileNameW
EnumProcesses

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

urlmon

URLDownloadToFileW

Exports

Exports

GetServiceProvider

Sections

.text
Size: 407KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eef9ed4630c97a83afd4e94ee3740790

Headers

DLL Characteristics

File Characteristics

Imports

wininet

oleacc

shell32

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

shlwapi

psapi

version

urlmon

Exports

Exports

Sections

.text Size: 407KB - Virtual size: 407KB

.rdata Size: 79KB - Virtual size: 78KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 21KB - Virtual size: 21KB

.text Size: 62KB - Virtual size: 64KB

.text
Size: 407KB - Virtual size: 407KB

.rdata
Size: 79KB - Virtual size: 78KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 21KB - Virtual size: 21KB

.text
Size: 62KB - Virtual size: 64KB