bd4e5b24cc1d892ee2a0f4cf2339768d33860b845720618f7d0cb7c84eb25705

Sharing

Copy URL Twitter E-mail

General

Target

bd4e5b24cc1d892ee2a0f4cf2339768d33860b845720618f7d0cb7c84eb25705
Size

1.2MB
MD5

862b4988f26a5ffd7988111b649b48dc
SHA1

68fd2fbd950c14a32f144b3e8e669479d3f8bc5b
SHA256

bd4e5b24cc1d892ee2a0f4cf2339768d33860b845720618f7d0cb7c84eb25705
SHA512

5d8650dfb1ec78e54a9a527e87ffb16b20ac7d02c93e6556d8045793140db759249f5d63e4509a8a715c397381343556f295ef40e72c2c36523867d42e8910b5
SSDEEP

24576:jvWPIsYqSY1rsW9/CxRosQLyvmOmY1LCMTc/XdvI5CYZMdx:SPIRY1rsQqot8mOHCMTc/dvI5/M

Score

N/A

Malware Config

Signatures

Files

bd4e5b24cc1d892ee2a0f4cf2339768d33860b845720618f7d0cb7c84eb25705
.dll windows x86

b08577c2964be7b0599ece0330a7c32a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlCreateSecurityDescriptor
RtlFreeSid
RtlSetDaclSecurityDescriptor
RtlLengthSecurityDescriptor
RtlAddAccessAllowedAceEx
NtSetSecurityObject
RtlSetOwnerSecurityDescriptor
RtlCreateAcl
RtlLengthSid
RtlAllocateAndInitializeSid

kernel32

DeleteFileW
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
OutputDebugStringW
LocalFree
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetWindowsDirectoryW
ReadFile
WriteFile
SetFilePointer
SystemTimeToFileTime
WritePrivateProfileStringW
GetFullPathNameW
GetFullPathNameA
CreateFileA
SetEndOfFile
QueryPerformanceCounter
UnlockFile
LockFile
GetSystemTimeAsFileTime
FormatMessageA
GetVersionExW
GetFileAttributesA
FlushFileBuffers
GetTempPathW
LockFileEx
GetDiskFreeSpaceW
LoadLibraryA
GetDiskFreeSpaceA
GetCurrentProcessId
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
InterlockedExchange
GetTempFileNameW
CreateDirectoryA
OutputDebugStringA
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
InterlockedCompareExchange
DecodePointer
EncodePointer
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
GetCommandLineA
GetTimeFormatA
GetDateFormatA
CreateDirectoryW
GetLocalTime
SetFileAttributesW
GetFileAttributesW
GetTimeFormatW
RtlUnwind
GetCPInfo
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStringTypeW
ExitProcess
GetStdHandle
HeapCreate
GetTimeZoneInformation
SetHandleCount
GetFileType
GetStartupInfoW
GetConsoleCP
GetConsoleMode
GetModuleFileNameA
FreeEnvironmentStringsW
GetDateFormatW
CompareStringW
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
lstrcpynW
MulDiv
SetLastError
RaiseException
GetLastError
HeapSize
GetFileInformationByHandle
lstrlenW
GetFileSize
CreateFileW
GetCurrentThread
SetThreadPriority
GetPrivateProfileStringW
GetModuleFileNameW
FileTimeToSystemTime
FileTimeToLocalFileTime
Sleep
lstrcpyW
GetVersion
GetTickCount
CreateThread
GetModuleHandleW
GetProcAddress
ReleaseMutex
WaitForSingleObject
CloseHandle
CreateMutexW
lstrcmpiW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
GetLocaleInfoW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LoadLibraryW
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
GetEnvironmentStringsW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleW
SetEnvironmentVariableA
GetProcessHeap

user32

SetActiveWindow
MonitorFromWindow
GetMonitorInfoW
GetActiveWindow
DrawIconEx
EndDialog
SetRectEmpty
DrawFocusRect
DrawEdge
DrawFrameControl
CharNextW
GetClassInfoExW
RegisterClassExW
ValidateRect
EnableWindow
MoveWindow
IsWindowVisible
GetScrollPos
AdjustWindowRectEx
GetMenu
GetDlgItem
SetRect
GetDesktopWindow
GetClassNameW
UpdateWindow
SetTimer
CopyImage
LoadBitmapW
LoadCursorW
GetScrollInfo
GetKeyState
UnregisterClassA
PeekMessageW
GetMessageW
GetCursorPos
SetCursor
IsWindowEnabled
GetFocus
GetMessagePos
MapWindowPoints
TranslateMessage
DispatchMessageW
DestroyCursor
RegisterClipboardFormatW
SetScrollInfo
IsRectEmpty
IntersectRect
PostThreadMessageW
SetParent
DialogBoxParamW
CreateDialogParamW
GetWindowDC
LoadStringW
LoadIconW
EqualRect
InvalidateRect
RedrawWindow
CopyRect
GetComboBoxInfo
GetWindow
GetDlgCtrlID
SetFocus
OffsetRect
GetWindowTextW
GetWindowTextLengthW
InflateRect
GetClientRect
EndPaint
BeginPaint
PostMessageW
PtInRect
GetWindowRect
ClientToScreen
DestroyWindow
LoadImageW
KillTimer
ReleaseCapture
GetCapture
SetCapture
GetParent
SendMessageW
DrawTextW
ReleaseDC
GetDC
SetWindowTextW
SystemParametersInfoW
CreateWindowExW
GetSysColor
FillRect
ShowWindow
SetWindowPos
IsWindow
SetWindowRgn
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
ScreenToClient
GetAsyncKeyState
GetSystemMetrics
FrameRect
SetScrollPos

gdi32

TextOutW
GetTextExtentPoint32W
GetDeviceCaps
SaveDC
RestoreDC
OffsetWindowOrgEx
GetClipBox
RoundRect
CreatePolygonRgn
DPtoLP
CreateRectRgnIndirect
RectInRegion
GetTextMetricsW
GetClipRgn
SetWindowOrgEx
SetRectRgn
OffsetRgn
Rectangle
SetMapMode
CreateFontW
CreateDIBitmap
SetStretchBltMode
CreateBitmapIndirect
GetBitmapBits
LineTo
MoveToEx
GetStockObject
CreateDIBSection
CreateBitmap
StretchBlt
ExtTextOutW
CreateFontIndirectW
GetObjectW
SetBkColor
SetTextColor
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
CreateRectRgn
CombineRgn
DeleteDC
SelectObject
CreatePen
SelectClipRgn
SetViewportOrgEx
SetBkMode

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegEnumKeyExW

shell32

SHGetSpecialFolderPathA
CommandLineToArgvW
ShellExecuteW
SHGetSpecialFolderPathW

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CreateStreamOnHGlobal

oleaut32

OleLoadPicture
VarUI4FromStr

shlwapi

PathAppendW
PathFileExistsW
StrToIntA
PathIsDirectoryW
StrTrimW
SHDeleteKeyW
PathIsDirectoryA
PathRemoveFileSpecA
PathRemoveFileSpecW
PathAppendA

gdiplus

GdipLoadImageFromStream
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdipDrawImageRectRectI
GdipGetImageWidth
GdipGetImageHeight
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromResource
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromFile
GdipFree
GdipAlloc
GdiplusStartup

msimg32

GradientFill
AlphaBlend

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ImageList_Draw
ImageList_GetIconSize
ImageList_LoadImageW
_TrackMouseEvent
ImageList_DrawEx

uxtheme

DrawThemeBackground
CloseThemeData
OpenThemeData

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Exports

Exports

RegGetSelectAll
RegGetState
RegSetLangPath
RegShowDlg
Reg_Backup
Reg_Clear
Reg_Scan
Reg_SelectAll
Reg_SelectDefault
Reg_Stop

Sections

.text
Size: 715KB - Virtual size: 714KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b08577c2964be7b0599ece0330a7c32a

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

msimg32

comctl32

uxtheme

version

Exports

Exports

Sections

.text Size: 715KB - Virtual size: 714KB

.rdata Size: 123KB - Virtual size: 122KB

.data Size: 18KB - Virtual size: 29KB

.rsrc Size: 298KB - Virtual size: 298KB

.reloc Size: 40KB - Virtual size: 40KB

.text
Size: 715KB - Virtual size: 714KB

.rdata
Size: 123KB - Virtual size: 122KB

.data
Size: 18KB - Virtual size: 29KB

.rsrc
Size: 298KB - Virtual size: 298KB

.reloc
Size: 40KB - Virtual size: 40KB