b7aeaf8281f3d623a3e472ef2845dc00N

Sharing

Copy URL Twitter E-mail

General

Target

b7aeaf8281f3d623a3e472ef2845dc00N
Size

241KB
MD5

b7aeaf8281f3d623a3e472ef2845dc00
SHA1

650be6ee7d4ed6323a1b6a38ce2f8a92dd1f63df
SHA256

307b3b38f2424686aab82896d201a85f20f6ad86a3836187a5e4e90c3638771c
SHA512

112c01b1cb2d6f7f124ae528b2496072e270fafec58b6ff2c47ecd11d7b611de351ba630a67fcb8811880608b270b31960111a21dd5064e7bd0e1afab66fe8fe
SSDEEP

6144:S5oe4VwR4xWTqMNlG9dTB6UqgdpiEcTMZ+Or8mbXa:+4Vwld09dTuOp+fOr8Ia

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7aeaf8281f3d623a3e472ef2845dc00N

Files

b7aeaf8281f3d623a3e472ef2845dc00N
.dll windows:4 windows x86 arch:x86

8ba49e0296a0e5301b3b82de02042739

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

x:\binaries\BugTrap.pdb

Imports

ws2_32

WSACleanup
WSAGetLastError
closesocket
setsockopt
WSAStartup
inet_addr
gethostbyname
htons
WSASocketA
WSAEventSelect
connect
WSAEnumNetworkEvents
WSASend
WSAGetOverlappedResult
shutdown

comctl32

ImageList_LoadImageA
InitCommonControlsEx
ImageList_Destroy

shlwapi

PathIsURLA
PathIsRootA
PathFindNextComponentA
UrlIsA
PathRemoveBackslashA
PathRemoveExtensionA
PathAddExtensionA
PathCreateFromUrlA
PathIsRelativeA
PathRemoveFileSpecA
PathAppendA
StrTrimA
PathSkipRootA
PathFindFileNameA
PathCombineA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetAttemptConnect
InternetCrackUrlA
InternetOpenA
InternetSetStatusCallback
InternetConnectA
InternetGetLastResponseInfoA
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
InternetCloseHandle
HttpOpenRequestA

kernel32

InterlockedCompareExchange
UnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
Sleep
InterlockedExchange
SetEndOfFile
GetWindowsDirectoryA
GetTickCount
CreateDirectoryA
RemoveDirectoryA
ResetEvent
GetTempPathA
LocalReAlloc
WaitForMultipleObjects
CopyFileA
CloseHandle
FindClose
FindFirstFileA
CreateFileA
RaiseException
FindNextFileA
SetEvent
WideCharToMultiByte
ReadFile
SetFilePointer
GetStringTypeA
GetFileSize
MulDiv
FreeLibrary
GetProcAddress
LoadLibraryA
GetProfileIntA
GetLastError
OpenProcess
GetModuleFileNameA
GetCurrentProcessId
GetModuleHandleA
GetVersionExA
InitializeCriticalSection
GetStdHandle
WriteConsoleA
MultiByteToWideChar
GetConsoleOutputCP
DeleteCriticalSection
ReadProcessMemory
GetCurrentProcess
LocalFree
WriteFile
FormatMessageA
GetSystemInfo
GlobalMemoryStatus
GetThreadContext
GetCurrentThread
FreeEnvironmentStringsA
GetEnvironmentStrings
GetTimeFormatA
GetDateFormatA
SystemTimeToFileTime
GetFileAttributesA
DeleteFileA
GetCurrentThreadId
ResumeThread
SuspendThread
GetCurrentDirectoryA
GetCommandLineA
GetComputerNameA
GetLocalTime
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
IsDBCSLeadByte
WaitForSingleObject
GetUserDefaultLangID
SetUnhandledExceptionFilter
TerminateProcess
CreateEventA
DisableThreadLibraryCalls
GetSystemTimeAsFileTime

user32

GetActiveWindow
GetWindow
DrawTextA
DrawIconEx
GetClassLongA
GetSysColorBrush
CopyIcon
LoadCursorA
DestroyIcon
PtInRect
PostMessageA
SystemParametersInfoA
BeginPaint
EndPaint
GetKeyState
DefWindowProcA
IsRectEmpty
FillRect
GetScrollPos
GetScrollInfo
SetScrollInfo
ScrollWindowEx
GetDC
ReleaseDC
CreateDialogParamA
GetWindowRect
ScreenToClient
GetForegroundWindow
LoadIconA
GetWindowTextLengthA
SetForegroundWindow
MessageBoxA
GetWindowLongA
SetWindowLongA
CheckRadioButton
LoadImageA
ShowWindow
DestroyWindow
CreateWindowExA
EnableWindow
IsWindowEnabled
DialogBoxParamA
UpdateWindow
GetWindowThreadProcessId
GetSystemMenu
AppendMenuA
TabbedTextOutA
GetClientRect
GetSystemMetrics
GetTabbedTextExtentA
DrawEdge
BeginDeferWindowPos
LoadStringA
SetCursor
GetDlgCtrlID
GetSysColor
SendMessageA
SetWindowTextA
GetParent
GetDlgItem
SetFocus
GetWindowTextA
EndDialog
MapWindowPoints
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsZoomed
RedrawWindow
SetScrollPos
GetDialogBaseUnits
GetMessagePos
IsChild
GetCapture
ReleaseCapture
SetCapture
GetFocus
SetWindowPos
DrawFocusRect
InvalidateRect

gdi32

MoveToEx
LineTo
SelectObject
BitBlt
SetTextColor
TextOutA
SetViewportOrgEx
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPoint32A
StretchBlt
GetObjectA
GetDIBits
GetDeviceCaps
CreateDCA
PatBlt
CreateFontIndirectA
GetTextMetricsA
DeleteObject
DeleteDC
SetBkColor

comdlg32

GetSaveFileNameA

advapi32

RegEnumKeyExA
RegEnumValueA
OpenProcessToken
GetTokenInformation
AdjustTokenPrivileges
GetUserNameA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA
SHGetFileInfoA
ShellExecuteA

ole32

StringFromGUID2

oleaut32

GetErrorInfo
SysFreeString

msvcr80

fopen
fread
ferror
fwrite
ftell
fseek
fclose
_unlock
__dllonexit
??3@YAXPAX@Z
??2@YAPAXI@Z
memcpy
??_U@YAPAXI@Z
strcpy_s
_mbsicmp
sprintf_s
_ultoa_s
??_V@YAXPAX@Z
memset
strlen
strtoul
_memicmp
atoi
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
_malloc_crt
memmove
abs
_mbschr
_purecall
_vsnprintf_s
_mbsnbcpy_s
_ui64toa_s
strcmp
memcmp
_mbscmp
_mbsnbicmp
free
malloc
_itoa_s
_beginthreadex
_mbsnbcat_s
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal

Exports

Exports

BT_AddLogFile
BT_AddRegFile
BT_AppLogEntry
BT_AppLogEntryF
BT_AppLogEntryV
BT_CallCppFilter
BT_CallNetFilter
BT_CallSehFilter
BT_ClearLog
BT_ClearLogFiles
BT_CloseLogFile
BT_CppFilter
BT_DeleteLogFile
BT_ExportRegistryKey
BT_FlushLogFile
BT_GetActivityType
BT_GetAppName
BT_GetAppVersion
BT_GetDialogMessage
BT_GetDumpType
BT_GetFlags
BT_GetLogEchoMode
BT_GetLogFileEntry
BT_GetLogFileName
BT_GetLogFilesCount
BT_GetLogFlags
BT_GetLogLevel
BT_GetLogSizeInBytes
BT_GetLogSizeInEntries
BT_GetMailProfile
BT_GetNotificationEMail
BT_GetPostErrHandler
BT_GetPreErrHandler
BT_GetReportFilePath
BT_GetReportFormat
BT_GetSupportEMail
BT_GetSupportHost
BT_GetSupportPort
BT_GetSupportURL
BT_GetUserMessage
BT_InsLogEntry
BT_InsLogEntryF
BT_InsLogEntryV
BT_InstallSehFilter
BT_MakeSnapshot
BT_NetFilter
BT_OpenLogFile
BT_ReadVersionInfo
BT_SehFilter
BT_SetActivityType
BT_SetAppName
BT_SetAppVersion
BT_SetDialogMessage
BT_SetDumpType
BT_SetFlags
BT_SetLogEchoMode
BT_SetLogFlags
BT_SetLogLevel
BT_SetLogSizeInBytes
BT_SetLogSizeInEntries
BT_SetMailProfile
BT_SetNotificationEMail
BT_SetPostErrHandler
BT_SetPreErrHandler
BT_SetReportFilePath
BT_SetReportFormat
BT_SetSupportEMail
BT_SetSupportHost
BT_SetSupportPort
BT_SetSupportServer
BT_SetSupportURL
BT_SetUserMessage
BT_SetUserMessageFromCode
BT_UninstallSehFilter

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8ba49e0296a0e5301b3b82de02042739

Headers

File Characteristics

PDB Paths

Imports

ws2_32

comctl32

shlwapi

version

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

msvcr80

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 6KB

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 7KB - Virtual size: 7KB

.rmnet Size: 65KB - Virtual size: 68KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 6KB

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 7KB - Virtual size: 7KB

.rmnet
Size: 65KB - Virtual size: 68KB