Static task: static1
Behavioral task: behavioral1
Sample: c7eb162631beaf420401e01d26133500b0208d699b349bb53de79051d58390d2.dll
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: c7eb162631beaf420401e01d26133500b0208d699b349bb53de79051d58390d2.dll
Resource: win10v2004-20230220-en
General
Target: c7eb162631beaf420401e01d26133500b0208d699b349bb53de79051d58390d2
Size: 2.1MB
MD5: 48e976f47c333d2ca8994ccdba3dba8b
SHA1: fa479cc82946470fadbce668d7667db8c90d2387
SHA256: c7eb162631beaf420401e01d26133500b0208d699b349bb53de79051d58390d2
SHA512: 2be01f245f8c75b7f4ab835396e9400f1a4bd0a576f43fb668d302c355112ba20967f4bea8a37fcef69cb27bf5fdcf8d732b7ac52515ee3dfcc6aa36b411cad4
SSDEEP: 49152:YhXGlrzVvAdhye9aR+7eGBEZ8Bj9Ep0BWGal0xYXXHprox:YhKrz5Ad4em+7eGBEZUEp0bal0xYH
Malware Config
Signatures
Files
c7eb162631beaf420401e01d26133500b0208d699b349bb53de79051d58390d2.dll windows x86
11f72d020465a5b1d091809b1adc6c73
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
MD5Final
MD5Update
MD5Init
ReportEventA
DeregisterEventSource
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegisterEventSourceA
kernel32
GetCommandLineA
RtlUnwind
GetSystemInfo
VirtualQuery
GetModuleHandleExW
AreFileApisANSI
ExitThread
HeapQueryInformation
SetStdHandle
GetFileType
GetSystemTimeAsFileTime
GetStdHandle
FindFirstFileExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
IsValidCodePage
GetFileAttributesExW
DeleteFileW
GetStringTypeW
CreateDirectoryW
GetConsoleMode
ReadConsoleW
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTimeZoneInformation
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleCP
LCMapStringW
OutputDebugStringW
GetFileInformationByHandle
PeekNamedPipe
GetFullPathNameW
IsProcessorFeaturePresent
GetCurrentDirectoryW
WriteConsoleW
SetEnvironmentVariableA
SearchPathA
GetProfileIntA
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
CloseHandle
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
GetVolumeInformationA
DuplicateHandle
WriteFile
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetACP
IsDebuggerPresent
FindResourceExW
GlobalFlags
SetErrorMode
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSectionEx
RaiseException
GetLastError
HeapSize
DecodePointer
DeleteCriticalSection
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
LocalReAlloc
GlobalHandle
GetVersion
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
LocalAlloc
FileTimeToLocalFileTime
SetThreadPriority
lstrcmpA
GetVersionExA
GetCurrentThread
CopyFileA
FormatMessageA
LocalFree
GlobalSize
MulDiv
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
EncodePointer
FindResourceA
GlobalUnlock
GlobalLock
GetModuleHandleW
GetModuleFileNameW
FreeResource
SetLastError
DeleteFileA
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
lstrcpyA
lstrcpyW
Module32Next
CreateToolhelp32Snapshot
GetCurrentDirectoryA
VirtualProtect
CreateMutexA
lstrcatW
DeviceIoControl
LockResource
Process32Next
GlobalFree
lstrcmpiA
Module32First
lstrlenW
MultiByteToWideChar
CreateFileW
ReadProcessMemory
SizeofResource
TerminateThread
LoadLibraryW
WideCharToMultiByte
GlobalAlloc
OpenProcess
VirtualFree
GetTickCount
Process32First
GetCurrentProcess
LoadResource
FreeLibrary
FindResourceW
lstrlenA
CreateThread
ResumeThread
GetCurrentProcessId
GetModuleHandleA
GetModuleFileNameA
VirtualAlloc
GetProcAddress
TerminateProcess
WaitForSingleObject
ExitProcess
OutputDebugStringA
SetFilePointerEx
Sleep
user32
DrawIcon
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
WaitMessage
PostThreadMessageA
GetSystemMenu
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
OffsetRect
SetRectEmpty
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
CharUpperA
DestroyIcon
IsIconic
DeleteMenu
CopyImage
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
LoadCursorA
GetSysColorBrush
GetSystemMetrics
RealChildWindowFromPoint
GetKeyNameTextA
GetCursorPos
TranslateMessage
GetMessageA
SetCursor
ShowOwnedPopups
PostQuitMessage
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
IntersectRect
FillRect
ClientToScreen
GetWindowRgn
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
IsDialogMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongA
PtInRect
EqualRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetProcessWindowStation
GetUserObjectInformationW
SetWindowPlacement
GetWindowPlacement
IsChild
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
DestroyCursor
MapDialogRect
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
CreateAcceleratorTableA
CopyIcon
GetDoubleClickTime
SetClassLongA
LockWindowUpdate
SetParent
SetRect
SetCursorPos
SendDlgItemMessageA
LoadBitmapW
CopyAcceleratorTableA
EndPaint
DestroyAcceleratorTable
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetClientRect
GetDlgItem
GetClassNameA
SetForegroundWindow
GetParent
ExitWindowsEx
EnumWindows
wsprintfW
GetWindowTextA
GetKeyboardLayout
SetWindowLongA
InvalidateRect
GetWindowLongA
CreateWindowExA
EnumChildWindows
PostMessageA
SetWindowTextA
LoadKeyboardLayoutA
ActivateKeyboardLayout
GetWindowRect
CallNextHookEx
SetWindowsHookExA
SetWindowPos
IsWindow
UnhookWindowsHookEx
IsWindowVisible
CloseWindow
FindWindowA
GetWindowThreadProcessId
DrawFocusRect
InflateRect
GetSysColor
FrameRect
CopyRect
MessageBoxA
SetTimer
KillTimer
wsprintfA
SendMessageA
EnableWindow
UnregisterClassA
MapVirtualKeyA
SetMenuDefaultItem
gdi32
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetTextAlign
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
CopyMetaFileA
CreateDCA
GetTextExtentPoint32A
GetTextMetricsA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetDeviceCaps
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
shell32
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHAppBarMessage
shlwapi
StrChrA
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
uxtheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
ole32
OleDuplicateData
IsAccelerator
CoLockObjectExternal
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
RevokeDragDrop
ReleaseStgMedium
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
OleGetClipboard
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
CoDisconnectObject
RegisterDragDrop
oleaut32
SysAllocStringLen
SysAllocString
LoadTypeLi
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
wininet
InternetQueryOptionA
InternetCloseHandle
HttpOpenRequestW
HttpSendRequestW
InternetSetOptionA
InternetConnectW
InternetOpenW
ws2_32
send
htons
WSAGetLastError
inet_addr
connect
recv
shell
?FourierTransformationEnd@@YAXXZ
?FourierTransformationStart@@YAXXZ
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapUnlockBits
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipGetImagePixelFormat
GdipDrawImageRectI
winmm
PlaySoundA
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 388KB - Virtual size: 388KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 53KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.init Size: 512B - Virtual size: 409B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 133KB - Virtual size: 133KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ