fa57b6a43f075310189a6c470b375d756f369877b9c2204e31d599a019cca39b

Sharing

Copy URL Twitter E-mail

General

Target

fa57b6a43f075310189a6c470b375d756f369877b9c2204e31d599a019cca39b
Size

72KB
MD5

170c154450dc845eec87d7b18bd44743
SHA1

fb6d0e4828d7e86cd1172e43cb712099781e0845
SHA256

fa57b6a43f075310189a6c470b375d756f369877b9c2204e31d599a019cca39b
SHA512

e69cb1e1bb0da5a49f694baa1715ec143c60372f044d60a48389b243b0c6784d2926254dab69a95036b302d08a29fa24055c4d6bee3b9ebbb06db8ff42be0114
SSDEEP

1536:U8ijJtDtOvsX1nFntFHyiKhPosbq/FlUVQ:yjJtDJ/Sbhfbq/FlUVQ

Score

N/A

Malware Config

Signatures

Files

fa57b6a43f075310189a6c470b375d756f369877b9c2204e31d599a019cca39b
.dll windows x86

3a4c5c09e38cd2c2b2b815a11b49f63d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlEscapeA
StrStrIA

wininet

InternetCrackUrlA

kernel32

InterlockedIncrement
Sleep
CloseHandle
CreateThread
GetCurrentThreadId
GetVolumeInformationA
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
lstrlenA
lstrcmpiA
DisableThreadLibraryCalls
InterlockedExchange
GetACP
GetLocaleInfoA
InterlockedDecrement
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
LoadLibraryA
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetVersionExA
LocalFree
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadReadPtr
GetSystemTimeAsFileTime
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapFree
GetCommandLineA
HeapAlloc
ExitProcess
HeapReAlloc
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetCurrentProcessId

user32

SetFocus
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
GetActiveWindow
GetFocus
GetSystemMetrics
wsprintfA
SetWindowPos
IsCharAlphaA
SetActiveWindow
SetForegroundWindow

advapi32

RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegFlushKey
RegCloseKey
RegCreateKeyExA

ole32

CoUninitialize
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoInitialize

oleaut32

VariantInit
VariantCopy
VariantClear
SysFreeString
SysAllocString
GetErrorInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
do_work

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a4c5c09e38cd2c2b2b815a11b49f63d

Headers

File Characteristics

Imports

shlwapi

wininet

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 8KB - Virtual size: 5KB