c23255d61d85dbe143b4b2ca7c6ea47d3467e97f5a102bcc41ea5900564d4671

Sharing

Copy URL Twitter E-mail

General

Target

c23255d61d85dbe143b4b2ca7c6ea47d3467e97f5a102bcc41ea5900564d4671
Size

140KB
MD5

22d4166f753aff245a30bcd9ffe6e010
SHA1

44ce19446af77e9692aa9e45e1a5aa3a1e108e38
SHA256

c23255d61d85dbe143b4b2ca7c6ea47d3467e97f5a102bcc41ea5900564d4671
SHA512

1e835bfc8bf65baf6fd057734f64a14dab8dec1e1f70961a6f0c7307bc829a90199f983f9c58257ba3f3fdadceef6f51a0e0b802e82b4d8c14eb90593c7cf923
SSDEEP

3072:5EjFnneAvNERR2p//7UFlnCrWowC3VoN:YFne8NEX2ulKVoN

Score

N/A

Malware Config

Signatures

Files

c23255d61d85dbe143b4b2ca7c6ea47d3467e97f5a102bcc41ea5900564d4671
.dll windows x86

38a9c8698b872bbcf74baebade2e804b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasGetEntryPropertiesA
RasEnumConnectionsA
RasEnumEntriesA
RasGetConnectStatusA

kernel32

GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
GetCPInfo
SetErrorMode
FileTimeToSystemTime
GetProcessVersion
GlobalFlags
GetOEMCP
GetSystemTime
GetLocalTime
GetCommandLineA
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
RaiseException
HeapSize
HeapReAlloc
GetACP
FileTimeToLocalFileTime
SetHandleCount
GetStdHandle
RtlUnwind
GetStartupInfoA
FreeEnvironmentStringsA
GetTimeZoneInformation
TlsSetValue
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
DeviceIoControl
DeleteFileA
TlsGetValue
LocalReAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalReAlloc
GlobalFree
TlsFree
GlobalHandle
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
LocalAlloc
GetModuleHandleA
GlobalFindAtomA
lstrcmpA
GlobalAlloc
GlobalDeleteAtom
lstrcatA
GetCurrentThread
GetCurrentThreadId
GlobalGetAtomNameA
GlobalLock
GlobalUnlock
GlobalAddAtomA
GetVersion
GetModuleFileNameA
LocalFree
SetLastError
lstrcmpiA
lstrcpynA
GetFullPathNameA
FindClose
GetVolumeInformationA
FindFirstFileA
SetEndOfFile
lstrcpyA
CloseHandle
UnlockFile
LockFile
WriteFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
ReadFile
GetCurrentProcess
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStrings
GetFileType

user32

GetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetWindowTextA
RegisterClassA
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetClientRect
DeferWindowPos
ScreenToClient
AdjustWindowRectEx
GetSysColor
MapWindowPoints
SetWindowTextA
UnregisterClassA
LoadStringA
ClientToScreen
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
UnhookWindowsHookEx
SetPropA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
RemovePropA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
MessageBoxA
ShowOwnedPopups
PostQuitMessage
GetLastActivePopup
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
InvalidateRect
SetWindowLongA
GetKeyState
SetWindowPos
GetDlgCtrlID
UpdateWindow
GetMenuItemCount
GetSubMenu
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
GetParent
GetActiveWindow
ShowWindow
GetWindowLongA
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SendMessageA
SetCursor
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
EnableWindow
KillTimer
WaitMessage
PeekMessageA
CallWindowProcA
LoadBitmapA
DispatchMessageA
PostMessageA
GetSystemMetrics
CharUpperA
wsprintfA
SetTimer
SetWindowsHookExA
CallNextHookEx
CharToOemA
UnpackDDElParam
GetMenuItemID
BringWindowToTop

gdi32

GetClipBox
DeleteDC
RestoreDC
SelectObject
SaveDC
GetStockObject
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
GetObjectA
ScaleWindowExtEx
SetBkColor
SetTextColor
DeleteObject
GetDeviceCaps
PtVisible
TextOutA
ExtTextOutA
RectVisible
Escape
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegEnumKeyA
RegOpenKeyA
GetUserNameA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegSetValueExA

shell32

DragFinish
DragQueryFileA

comctl32

ord17

wsock32

ioctlsocket
htons
WSACleanup
WSAStartup
WSASetLastError
WSAGetLastError
accept
send
bind
WSAAsyncSelect
htonl
closesocket
gethostbyname
recv
connect
inet_ntoa
socket
recvfrom
sendto

Exports

Exports

MsgHookProc

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHARED
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38a9c8698b872bbcf74baebade2e804b

Headers

File Characteristics

Imports

rasapi32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 20KB

SHARED Size: 4KB - Virtual size: 2KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 20KB

SHARED
Size: 4KB - Virtual size: 2KB

.reloc
Size: 12KB - Virtual size: 11KB