Static task: static1
Behavioral task: behavioral1
Sample: 157a086c458f2ac2b11b196608cf45c9a5ef62983731c510d2c028ba721dd898.dll
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 157a086c458f2ac2b11b196608cf45c9a5ef62983731c510d2c028ba721dd898.dll
Resource: win10v2004-20221111-en
General
Target: 157a086c458f2ac2b11b196608cf45c9a5ef62983731c510d2c028ba721dd898
Size: 862KB
MD5: f1ebc17d7fb1e05a79969a51a2233770
SHA1: 876b30e274a768de4fe1afd80f5b5cfac330b813
SHA256: 157a086c458f2ac2b11b196608cf45c9a5ef62983731c510d2c028ba721dd898
SHA512: 47d1c207eeb307c477962704f0adea2859b5d8768116e746e50c236461f691fdba9154acca2fe50ce523bbdc16bfb6c86a87ef216545f83a1713cf5a3ade53e4
SSDEEP: 24576:ieCQCxZdAgvF7leFgw+FYSO4SL/+iHBmmdFruAVEZSy:5CQCFTt0FgFYG4/+6BB5V+
Files
157a086c458f2ac2b11b196608cf45c9a5ef62983731c510d2c028ba721dd898.dll windows x86
808801bae06a7421236423ba426d8b69
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileW
MulDiv
GetCurrentProcessId
GetFileInformationByHandle
LockFile
GetLocaleInfoA
IsProcessorFeaturePresent
LockResource
HeapDestroy
lstrcmpA
LoadLibraryExW
SetEnvironmentVariableA
SetThreadPriority
FindResourceW
lstrcpyW
GetModuleFileNameW
LocalAlloc
GlobalLock
CompareStringW
GlobalFindAtomW
UnlockFile
GlobalMemoryStatus
FindNextFileW
GlobalDeleteAtom
GetFileSize
TlsFree
GetFullPathNameW
GetSystemDefaultUILanguage
lstrcatA
AddAtomA
GetModuleHandleA
LoadLibraryExA
lstrcpyA
FindFirstFileW
lstrlenW
FindResourceExW
FreeLibrary
LoadResource
VirtualQuery
InitializeCriticalSection
DuplicateHandle
GetStartupInfoW
GetProfileIntW
GetCurrentThread
GetLongPathNameW
FlushInstructionCache
FreeEnvironmentStringsW
GetVersionExW
IsDebuggerPresent
GetProcessHeap
GetTickCount
GetEnvironmentStringsW
GetFileTime
GetFileAttributesExW
HeapQueryInformation
WriteConsoleW
GetFileType
HeapCreate
SetFilePointer
GlobalAlloc
GetCurrentDirectoryW
GetLocaleInfoW
LoadLibraryW
RaiseException
LocalReAlloc
GlobalFree
CreateThread
DeleteAtom
GetOEMCP
FreeResource
GlobalHandle
ExitProcess
GetDriveTypeW
UnhandledExceptionFilter
GetFileSizeEx
ReleaseMutex
TlsSetValue
DeleteCriticalSection
SetHandleCount
FindFirstFileExW
VirtualLock
LoadLibraryA
CreateFileW
GetNumberFormatW
GetThreadLocale
GetThreadTimes
LeaveCriticalSection
FormatMessageW
InterlockedCompareExchange
FileTimeToLocalFileTime
LocalFree
SearchPathW
GetVolumeInformationW
EnumSystemLocalesA
GetACP
Sleep
GetSystemDirectoryW
TlsGetValue
HeapReAlloc
CreateEventW
FindClose
CreateMutexW
GetCurrentThreadId
GetModuleHandleW
ConvertDefaultLocale
GetProcessWorkingSetSize
GlobalGetAtomNameW
SetEndOfFile
GetLastError
lstrcmpW
GlobalSize
GetTempPathW
ReadFile
FlushFileBuffers
GetProcAddress
GetFileAttributesW
PeekNamedPipe
SuspendThread
MoveFileExW
GetCurrentProcess
lstrlenA
SizeofResource
GlobalUnlock
FileTimeToSystemTime
QueryPerformanceCounter
GetCommandLineW
SetErrorMode
WritePrivateProfileStringW
SetStdHandle
InitializeCriticalSectionAndSpinCount
HeapAlloc
ExitThread
InterlockedIncrement
ResumeThread
VirtualFree
GetSystemInfo
SetLastError
HeapSetInformation
GlobalReAlloc
GetConsoleMode
WideCharToMultiByte
MultiByteToWideChar
GetPrivateProfileStringW
HeapSize
GetStartupInfoA
HeapFree
GlobalAddAtomW
CopyFileW
InterlockedExchange
WriteFile
EnterCriticalSection
GetUserDefaultLCID
CompareStringA
GetVersion
GlobalFlags
GetWindowsDirectoryW
GetProcessTimes
VirtualProtect
CloseHandle
GetSystemTimeAsFileTime
GetTimeZoneInformation
WaitForSingleObject
InterlockedDecrement
GetTempFileNameW
VirtualUnlock
GetConsoleCP
GetStdHandle
RtlUnwind
IsValidLocale
GetPrivateProfileIntW
SetUnhandledExceptionFilter
lstrcmpiW
IsValidCodePage
user32
TrackPopupMenu
SetWindowPos
LoadAcceleratorsW
WinHelpW
ClipCursor
MapVirtualKeyW
CreateMenu
DrawTextW
CreateIcon
UnpackDDElParam
GetUpdateRect
EndPaint
DrawEdge
GetDlgItemTextW
FillRect
GetScrollPos
ShowWindow
GetMonitorInfoW
GetClipboardViewer
RegisterClassW
DrawStateW
UnregisterClassW
CopyIcon
GetFocus
TabbedTextOutW
GetWindowRgn
TranslateMessage
GetDC
SetWindowContextHelpId
GetNextDlgGroupItem
GetForegroundWindow
GetSystemMetrics
IntersectRect
CheckMenuItem
GetWindowDC
SetWindowRgn
IsDialogMessageW
SetScrollRange
GetWindowThreadProcessId
MonitorFromPoint
EqualRect
EndDialog
CallWindowProcW
GetKeyState
SetParent
EndDeferWindowPos
DrawFrameControl
ClientToScreen
DispatchMessageW
GetMenu
RealChildWindowFromPoint
GetScrollRange
EnableMenuItem
GetSubMenu
GetSystemMenu
CheckDlgButton
DeleteMenu
GetDoubleClickTime
SetWindowsHookExW
SetPropW
SetScrollPos
IsZoomed
GetIconInfo
EnableScrollBar
GetProcessWindowStation
ValidateRect
LoadBitmapW
InvalidateRgn
CharUpperW
CharNextW
EmptyClipboard
InvertRect
GetOpenClipboardWindow
PostMessageW
EnableWindow
MoveWindow
RegisterWindowMessageW
GetWindowTextW
RemovePropW
GetMessagePos
OffsetRect
DialogBoxParamW
DefFrameProcW
CopyImage
IsMenu
DrawIcon
GetMenuItemID
MapDialogRect
HideCaret
IsRectEmpty
SetRect
GetSysColorBrush
SetWindowTextW
GetClassInfoW
DefMDIChildProcW
GetDlgCtrlID
DrawTextExW
SetClipboardData
PtInRect
UpdateLayeredWindow
GetNextDlgTabItem
OpenClipboard
ReuseDDElParam
DialogBoxIndirectParamW
UpdateWindow
CreateDialogIndirectParamW
GetCaretPos
WaitMessage
GetClassLongW
GetDlgItem
CreateWindowExW
GetCapture
ModifyMenuW
SetWindowPlacement
SetMenuItemBitmaps
DrawIconEx
BeginDeferWindowPos
RegisterClipboardFormatW
IsChild
InflateRect
CharUpperBuffW
DestroyCursor
GetMenuState
GetWindowRect
GetQueueStatus
SetMenuDefaultItem
CloseClipboard
SetLayeredWindowAttributes
DestroyIcon
MonitorFromWindow
GetKeyNameTextW
UnhookWindowsHookEx
CreateIconFromResourceEx
MapWindowPoints
IsWindowEnabled
SendMessageW
SetScrollInfo
SetMenu
LoadImageW
GetMenuItemInfoW
GetMenuCheckMarkDimensions
PostQuitMessage
TranslateAcceleratorW
GetDialogBaseUnits
DefWindowProcW
GetDesktopWindow
ShowOwnedPopups
InsertMenuW
GetClientRect
InsertMenuItemW
PostThreadMessageW
InvalidateRect
SetTimer
TranslateMDISysAccel
GetMessageTime
SetFocus
GetMenuStringW
LoadCursorW
RemoveMenu
GetWindowLongW
KillTimer
CallNextHookEx
GetClassNameW
GetMessageW
AppendMenuW
FrameRect
CopyRect
GetScrollInfo
MapVirtualKeyExW
PeekMessageW
SetCapture
GetWindowTextLengthW
UnregisterClassA
SetCursor
ScrollWindow
LoadMenuW
GetPropW
UnionRect
AdjustWindowRectEx
GetClassInfoExW
LoadIconW
SetWindowLongW
GetAsyncKeyState
SystemParametersInfoW
CreatePopupMenu
GetLastActivePopup
SetActiveWindow
SetDlgItemTextW
GetWindow
IsIconic
DrawFocusRect
GetTopWindow
ReleaseCapture
IsClipboardFormatAvailable
ReleaseDC
gdi32
SelectObject
TextOutW
SetViewportExtEx
GetCurrentObject
CreatePalette
RealizePalette
DeleteObject
DPtoLP
Rectangle
ExtTextOutW
CreateDCW
RestoreDC
FillRgn
ExtSelectClipRgn
GetStockObject
SetPixelV
BitBlt
GetDeviceCaps
GetSystemPaletteEntries
SetBkMode
ScaleViewportExtEx
CreateFontIndirectW
LineTo
GetClipBox
PtInRegion
GetObjectW
CreatePolygonRgn
RectVisible
SetBitmapBits
Polyline
SetPaletteEntries
OffsetWindowOrgEx
CreateSolidBrush
CreateCompatibleBitmap
StretchBlt
SelectPalette
Escape
SetBkColor
GetPaletteEntries
SetDIBColorTable
GetObjectType
CreateDIBitmap
RoundRect
SetLayout
GetTextColor
CreateCompatibleDC
SetStretchBltMode
FrameRgn
GetViewportOrgEx
SetTextColor
Polygon
GetWindowExtEx
Ellipse
SetWindowExtEx
CopyMetaFileW
MoveToEx
GetTextFaceW
GetWindowOrgEx
CreateHatchBrush
EnumFontFamiliesExW
SetViewportOrgEx
CreatePen
GetBoundsRect
GetNearestPaletteIndex
ExtFloodFill
CreateRoundRectRgn
DeleteDC
GetTextCharsetInfo
SetWindowOrgEx
ExcludeClipRect
GetViewportExtEx
SetPolyFillMode
SetDIBitsToDevice
CreateRectRgn
GetRgnBox
ScaleWindowExtEx
CombineRgn
GetTextMetricsW
SaveDC
GetBkColor
SetRectRgn
CreateEllipticRgn
GetMapMode
OffsetRgn
GetPixel
SetPixel
SetTextAlign
CreatePatternBrush
CreateBitmap
GetBkMode
OffsetViewportOrgEx
SetDIBits
PtVisible
CreateDIBSection
SetMapMode
CreateRectRgnIndirect
EnumFontFamiliesW
GetTextExtentPointW
CreateFontW
GetTextExtentPoint32W
GetLayout
SelectClipRgn
PatBlt
LPtoDP
IntersectClipRect
GetBitmapBits
SetROP2
winspool.drv
ClosePrinter
comdlg32
GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
advapi32
RegOpenKeyExA
OpenProcessToken
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyW
CheckTokenMembership
CryptGenRandom
FreeSid
RegOpenKeyExW
RegQueryValueExA
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
AllocateAndInitializeSid
RegCloseKey
GetTokenInformation
RegSetValueExW
RegQueryValueW
RegQueryValueExW
RegDeleteKeyW
shell32
SHGetFileInfoW
ExtractIconExW
Shell_NotifyIconW
DragFinish
SHBrowseForFolderW
DragQueryFileW
DuplicateIcon
SHGetSpecialFolderLocation
SHAppBarMessage
ShellExecuteExW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder
ole32
StgCreateDocfileOnILockBytes
CoGetClassObject
CoTaskMemRealloc
OleDuplicateData
OleInitialize
OleGetClipboard
StringFromGUID2
DoDragDrop
CoTaskMemFree
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleLockRunning
RevokeDragDrop
CoRevokeClassObject
IsAccelerator
CoFreeUnusedLibraries
RegisterDragDrop
CoInitializeEx
CoLockObjectExternal
CoRegisterClassObject
OleTranslateAccelerator
OleCreateMenuDescriptor
OleFlushClipboard
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
OleDestroyMenuDescriptor
CreateILockBytesOnHGlobal
OleUninitialize
CLSIDFromProgID
CoInitialize
CoRegisterMessageFilter
ReleaseStgMedium
StgOpenStorageOnILockBytes
CLSIDFromString
CoCreateGuid
oleaut32
SafeArrayDestroy
VarBstrCat
SysAllocStringByteLen
RegisterTypeLi
UnRegisterTypeLi
VarBstrFromDate
SysFreeString
SysAllocString
SysAllocStringLen
VariantChangeType
OleCreateFontIndirect
SysStringByteLen
SysStringLen
VariantCopy
VarUI4FromStr
VariantClear
VarBstrCmp
VariantTimeToSystemTime
VariantInit
LoadTypeLi
SystemTimeToVariantTime
comctl32
ImageList_GetIconSize
InitCommonControlsEx
ImageList_DragShowNolock
ImageList_DragMove
_TrackMouseEvent
ord17
shlwapi
PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
PathFindFileNameW
rpcrt4
NdrProxyErrorHandler
Sections
.text Size: 687KB - Virtual size: 686KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 147KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ