e0ebf7e352f1178ba5584b6df7fc3592e14294714da15940c41ad168d8b56c96

Sharing

Copy URL Twitter E-mail

General

Target

e0ebf7e352f1178ba5584b6df7fc3592e14294714da15940c41ad168d8b56c96
Size

272KB
MD5

07e724aa42c3f2cb1ba5d03b864e5cd6
SHA1

66cc9d9869feb32d5738c885b1fe0009de5dd78d
SHA256

e0ebf7e352f1178ba5584b6df7fc3592e14294714da15940c41ad168d8b56c96
SHA512

702163a95ec1978059ce83f6c7ed6256cd2d2f4625f5526b46d44b4a2eb22f2fbde675c16db7ced47ed7ede455971e6b383adc5f258c74a9a7caf44cf6f955ec
SSDEEP

3072:4/CeP0iQD9YnIX6J/S417hSZlui0gqNqHCiN+CVt2Aj:4/CeP0d6lDgXf+q

Score

1^/10

Malware Config

Signatures

Files

e0ebf7e352f1178ba5584b6df7fc3592e14294714da15940c41ad168d8b56c96
.dll windows x86

a2b64d2a3a7bb5a37f19ff0d70199f33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
LCMapStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetUserDefaultLCID
Sleep
GetModuleFileNameA
GetPrivateProfileStringA
FindClose
FindFirstFileA
FindNextFileA
IsBadReadPtr
HeapReAlloc
ExitProcess
GetModuleHandleA
lstrcmpW
lstrlenW
MultiByteToWideChar
HeapCreate
HeapDestroy
HeapFree
RtlZeroMemory
InterlockedDecrement
InterlockedIncrement
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetACP
CreateProcessA
lstrcatA
GetComputerNameExA
GetComputerNameA
GetLastError
WideCharToMultiByte
CloseHandle
lstrcpynA
OpenProcess
Module32First
Process32Next
Process32First
CreateToolhelp32Snapshot
GetNativeSystemInfo
RtlMoveMemory
HeapSize
RaiseException
TerminateProcess
RtlUnwind
GetCommandLineA
GetOEMCP
GetCPInfo
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
GetProcessVersion
FindResourceA
LoadResource
LockResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
SetLastError
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GetTickCount
lstrlenA
LocalAlloc
LocalFree
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
lstrcpyA
GetVersion
MulDiv
GlobalFlags
WritePrivateProfileStringA

shell32

SHAppBarMessage

shlwapi

PathFindFileNameA
PathRemoveBackslashA
StrToIntExW
StrToIntW
PathFileExistsA
PathRemoveFileSpecA

user32

LoadCursorA
LoadIconA
UpdateWindow
MapWindowPoints
GetSysColor
SetActiveWindow
IsWindow
GetSysColorBrush
GetClientRect
wsprintfA
MessageBoxA
GetWindowThreadProcessId
LoadStringA
PostThreadMessageA
DestroyMenu
CreateDialogIndirectParamA
EndDialog
AdjustWindowRectEx
PostQuitMessage
PostMessageA
SendMessageA
SetCursor
EnableWindow
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
RegisterClipboardFormatA
UnhookWindowsHookEx
UnregisterClassA
GetClassNameA
PtInRect
GetWindowRect
GetDlgCtrlID
GetWindow
ClientToScreen
SetWindowTextA
GetWindowTextA
GetMenuItemCount
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
SendDlgItemMessageA
IsDialogMessageA
SetWindowLongA
SetWindowPos
ShowWindow
SetFocus
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect

ws2_32

WSACleanup
gethostname
WSAStartup
WSAGetLastError

ole32

CLSIDFromString
CoCreateInstance
OleRun
CoUninitialize
CoInitialize
CLSIDFromProgID
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

gdi32

GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
CreateBitmap
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegOpenKeyA

comctl32

ord17

oledlg

ord8

oleaut32

VariantInit
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
VarR8FromCy
VarR8FromBool
VariantChangeType
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
VariantCopy
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy

Exports

Exports

_fun_8q
_fun_msg
_fun_msgto
_fun_nmsg
_fun_nmsgto
_fun_update
fun_FreeLibrary
fun_FullscreenCallback
fun_GetCopyData
fun_GetPCName
fun_GetSysTrayWnd
fun_GetSystemBit
fun_LoadLibrary
fun_RefeshTray
fun_SendCopyData
fun_ShowWindow
main

Sections

.text
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2b64d2a3a7bb5a37f19ff0d70199f33

Headers

File Characteristics

Imports

kernel32

shell32

shlwapi

user32

ws2_32

ole32

gdi32

winspool.drv

advapi32

comctl32

oledlg

oleaut32

Exports

Exports

Sections

.text Size: 200KB - Virtual size: 197KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 20KB - Virtual size: 80KB

.rsrc Size: 4KB - Virtual size: 748B

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 200KB - Virtual size: 197KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 20KB - Virtual size: 80KB

.rsrc
Size: 4KB - Virtual size: 748B

.reloc
Size: 20KB - Virtual size: 19KB