7974947249f7d0c39c8b85768f6b056a0603a0eab07ba0cf90b1e6c36afe14e8

Sharing

Copy URL Twitter E-mail

General

Target

7974947249f7d0c39c8b85768f6b056a0603a0eab07ba0cf90b1e6c36afe14e8
Size

206KB
MD5

64488746bf8406181acff0f29778a7e3
SHA1

30d4b96fc015aada9c0b99b7af050746e128556e
SHA256

7974947249f7d0c39c8b85768f6b056a0603a0eab07ba0cf90b1e6c36afe14e8
SHA512

779eba3bca9b4b4b4dce12086ec7f4de29676fae0e73f27cfe4e4ac09e0eb652255269992d6b0187628399a3e3b65da7efa603cff402d2b78b948970a761106f
SSDEEP

3072:a+fSP8CeMqjWe5fwMREfkmYLcoHwjZkOQWPDHIg5iP0Xho:aaTCrsWe5fwAEsm0co6LAPI

Score

1^/10

Malware Config

Signatures

Files

7974947249f7d0c39c8b85768f6b056a0603a0eab07ba0cf90b1e6c36afe14e8
.dll windows x86

3b62dce195afd841f0781303769b0d93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
ExitProcess
RaiseException
VirtualAlloc
HeapReAlloc
ExitThread
CreateThread
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCPInfo
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalGetAtomNameA
GetModuleHandleW
InterlockedIncrement
GlobalFlags
WritePrivateProfileStringA
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalAddAtomA
GetCurrentProcessId
InterlockedDecrement
GetModuleFileNameW
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetLastError
SetLastError
GlobalFree
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
lstrlenA
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GetCurrentThreadId
VirtualProtect
GetProcAddress
GetModuleHandleA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
HeapCreate
Sleep

user32

DestroyMenu
ShowWindow
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
LoadCursorA
GetSystemMetrics
GetSysColorBrush
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
GetWindowTextA
SetWindowTextA
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnregisterClassA
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
UnhookWindowsHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
SendMessageA
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostMessageA
PostQuitMessage
SetWindowsHookExA
CallNextHookEx

gdi32

DeleteDC
TextOutA
GetStockObject
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
ExtTextOutA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantInit
VariantClear
VariantChangeType

ws2_32

WSACleanup
WSAStartup
WSASetLastError
send

Exports

Exports

msgbox

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b62dce195afd841f0781303769b0d93

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

ws2_32

Exports

Exports

Sections

.text Size: 126KB - Virtual size: 125KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 126KB - Virtual size: 125KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 28KB - Virtual size: 27KB