d0f7306d00d4ed21da2b1c883c13cd810fc4d26966fa79e9374f4bf3efa328bc

Sharing

Copy URL

Twitter E-mail

General

Target

d0f7306d00d4ed21da2b1c883c13cd810fc4d26966fa79e9374f4bf3efa328bc
Size

888KB
MD5

b265aca2afb221ebcd4fb6e4d6af6cf0
SHA1

e42a4d78783667cc81617719309918b56e2202c2
SHA256

d0f7306d00d4ed21da2b1c883c13cd810fc4d26966fa79e9374f4bf3efa328bc
SHA512

541a45d3be0f420aaf30cf4cd708cc79d69da2496f71aacb9d71605b680ae419f47d8be3012e96c6055a9a966ade01ddb148f39fed12e509cac200865f0e135f
SSDEEP

12288:sFddO5NAD/cBOF5SHdOyMOJmrNHNSHMOGiiU1PSpwoGSB/XOAFdIqi:M65e1FQAyHCEM3QoSAFGqi

Score

N/A

Malware Config

Signatures

Files

d0f7306d00d4ed21da2b1c883c13cd810fc4d26966fa79e9374f4bf3efa328bc
.dll windows x86

de458f59184c6728131efc80ae63b381

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyaddr
inet_addr
connect
socket
htons
send
closesocket
recv
__WSAFDIsSet
select
accept
listen
WSACleanup
WSAStartup
sendto
htonl
recvfrom
shutdown
setsockopt
ioctlsocket
inet_ntoa
gethostname
WSAGetLastError
bind
gethostbyname

setupapi

SetupDiSetClassInstallParamsW
SetupDiCallClassInstaller
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstallParamsW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

SetCommTimeouts
GetCommMask
WaitForMultipleObjects
ClearCommError
WaitCommEvent
LocalFree
FormatMessageA
GetOverlappedResult
GetCurrentThreadId
DuplicateHandle
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
lstrcpyA
FindClose
FindFirstFileA
GetVolumeInformationA
lstrcpynA
GetFullPathNameA
lstrcmpiA
SetLastError
FindNextFileA
InterlockedIncrement
InterlockedDecrement
GlobalDeleteAtom
GlobalFindAtomA
GlobalGetAtomNameA
lstrcatA
GetVersion
LockResource
LoadResource
FindResourceA
MulDiv
SetCommMask
GlobalLock
GlobalFree
lstrcmpA
LocalAlloc
GetCurrentThread
GlobalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GetFileAttributesA
GetFileSize
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
RtlUnwind
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
HeapReAlloc
RaiseException
GetACP
ExitThread
HeapSize
SetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCommState
BuildCommDCBA
SetCommState
PurgeComm
CreateFileMappingA
GetPrivateProfileIntA
GetCommandLineA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
ExitProcess
lstrlenA
GetWindowsDirectoryA
TerminateProcess
GetCurrentProcess
VirtualProtect
ReadProcessMemory
WriteProcessMemory
Beep
SetThreadPriority
GetCurrentProcessId
OpenProcess
GetStartupInfoA
CreateProcessA
DeviceIoControl
GetModuleHandleA
ReadFile
WriteFile
CopyFileA
DeleteFileA
GlobalAddAtomA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
TerminateThread
CreateEventA
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateFileA
CloseHandle
CreateMutexA
GetLastError
GetVersionExA
CreateDirectoryA
GetModuleFileNameA
ResetEvent
GetTickCount
GetLocalTime
SuspendThread
Sleep
WaitForSingleObject
ResumeThread
CreateThread
OutputDebugStringA
SetEvent
GetSystemDirectoryA
GlobalUnlock
SetCurrentDirectoryA

user32

GetMenuCheckMarkDimensions
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
CreateDialogIndirectParamA
GetActiveWindow
ValidateRect
PostQuitMessage
SetCursor
UnregisterClassA
LoadStringA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
DestroyMenu
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
GetClientRect
CopyRect
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetWindow
SetWindowLongA
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CharUpperA
GetGUIThreadInfo
DialogBoxParamA
EndDialog
GetDlgItemTextA
GetWindowRect
GetWindowLongA
GetSystemMetrics
GetParent
GetDesktopWindow
ExitWindowsEx
GetMessageA
PostMessageA
GetCursorPos
PostThreadMessageA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
SetTimer
wsprintfA
SetWindowPos
GetForegroundWindow
MessageBoxA
UnregisterHotKey
RegisterHotKey
PeekMessageA
TranslateMessage
DispatchMessageA
EnableWindow
SendMessageA
SetForegroundWindow

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetMapMode
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetBkMode
GetStockObject
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
SelectObject
GetObjectA
DeleteObject
DeleteDC
CreateFontA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegEnumKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
OpenSCManagerA
DeleteService
ControlService
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA

comctl32

ord17

wininet

InternetReadFile
InternetOpenA
InternetSetOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
HttpQueryInfoA
FtpOpenFileA
InternetOpenUrlA
InternetAttemptConnect
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle

psapi

EnumProcessModules
GetModuleFileNameExA

Exports

Exports

Dial
ExectoYeJi
ExectoYeJi2
Interface_Init

Sections

.text
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 320KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de458f59184c6728131efc80ae63b381

Headers

File Characteristics

Imports

ws2_32

setupapi

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wininet

psapi

Exports

Exports

Sections

.text Size: 404KB - Virtual size: 403KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 64KB - Virtual size: 124KB

.rsrc Size: 320KB - Virtual size: 317KB

.reloc Size: 40KB - Virtual size: 37KB

.text
Size: 404KB - Virtual size: 403KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 64KB - Virtual size: 124KB

.rsrc
Size: 320KB - Virtual size: 317KB

.reloc
Size: 40KB - Virtual size: 37KB