d2f4d0029325668140884fe1532170a8747ad9ecd48d87d11f0e192ae1b84ad6

Sharing

Copy URL

Twitter E-mail

General

Target

d2f4d0029325668140884fe1532170a8747ad9ecd48d87d11f0e192ae1b84ad6
Size

348KB
MD5

a736e0aa42d924a08b51818596cdffd3
SHA1

d3124b364161e918e2a71241a1f4e636df5d104b
SHA256

d2f4d0029325668140884fe1532170a8747ad9ecd48d87d11f0e192ae1b84ad6
SHA512

1079e80b1104a1c76ab951e2dc2751d3bd27537afd9ccea852d8bd3b2735204ef6fe6d44079aff02d3a255c23d6fcd67123d1b01072be647a80cb0f279cb7f80

Score

N/A

Malware Config

Signatures

Files

d2f4d0029325668140884fe1532170a8747ad9ecd48d87d11f0e192ae1b84ad6
.exe windows x86

6f3a8212eb40f158529ee55a58be2762

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
HeapCreate
IsProcessorFeaturePresent
GetCurrentThreadId
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetProcAddress
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
RaiseException
CreateFileW
HeapSetInformation
GetCommandLineA
InterlockedIncrement
WriteFile
LeaveCriticalSection
EnterCriticalSection
lstrcpyA
LocalFree
CloseHandle
WinExec
OutputDebugStringA
GetModuleHandleA
OpenEventA
LocalAlloc
LoadLibraryA
GlobalFree
GlobalGetAtomNameA
GetStdHandle
GetModuleFileNameW
lstrcmpiA
SetLastError
GetLastError
GlobalUnlock
MultiByteToWideChar
GetConsoleWindow
CreateEventA
IsBadCodePtr
Sleep
GlobalAlloc
GetEnvironmentStrings
IsBadReadPtr
GetProcessHeap
GlobalDeleteAtom
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
GetUserDefaultLCID
GetLocaleInfoW
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringW
LoadLibraryW
HeapReAlloc
FlushFileBuffers
RtlUnwind
HeapSize
SetStdHandle
InterlockedDecrement
WriteConsoleW
GetTickCount
WaitForSingleObject
GlobalLock
GetStartupInfoW
IsBadHugeWritePtr
HeapFree
GlobalAddAtomA
HeapAlloc
IsBadHugeReadPtr
GetLocaleInfoA
lstrlenA
GetCurrentProcess
VirtualQuery

user32

FindWindowA
UpdateWindow
LoadImageA
GetSystemMetrics
SystemParametersInfoA
MessageBoxW
DefMDIChildProcA
OpenClipboard
DefWindowProcW
GetMessagePos
RegisterDeviceNotificationA
GetWindowThreadProcessId
RegisterClassA
GetWindow
GetTopWindow
SetCapture
LoadCursorA
UnpackDDElParam
DestroyIcon
ChangeDisplaySettingsA
DrawTextA
GetSubMenu
LoadStringA
DeleteMenu
GetFocus
LoadBitmapA
DispatchMessageA
CreateWindowExW
ClipCursor
PostMessageA
IsWindow
AppendMenuA
FreeDDElParam
DrawMenuBar
CreatePopupMenu
SetMenu
ShowWindow
SetLayeredWindowAttributes
EnumChildWindows
GetCursorPos
MoveWindow
GetScrollPos
PostQuitMessage
PackDDElParam
SetActiveWindow
GetWindowRect
ScreenToClient
RealChildWindowFromPoint
SetTimer
CloseClipboard
SetWindowPlacement
DestroyWindow
ClientToScreen
EndPaint
SetWindowPos
GetSysColor
GetDesktopWindow
EnableMenuItem
ReleaseDC
PeekMessageA
SetScrollPos
CreateWindowExA
GetClipboardData
GetParent
LoadIconA
DefFrameProcA
IsWindowEnabled
wsprintfA
DefWindowProcA
EndDialog
GetClientRect
CreateMenu
SendMessageA
BeginPaint
EnumWindows
PtInRect
SetScrollRange
GetDC
InflateRect
GetForegroundWindow
GetMenu
GetWindowPlacement
GetWindowTextA
RegisterClipboardFormatA
SetWindowLongA
MessageBoxA
InvalidateRect
GetWindowLongA
GetDlgItem

gdi32

SetWindowExtEx
SetTextColor
DeleteDC
CreateDIBSection
CreateFontA
SetBkColor
CreateMetaFileA
ExcludeClipRect
CreateDCA
SetPixel
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
LineTo
CreateCompatibleBitmap
Rectangle
SaveDC
Polyline
CreatePen
GetClipBox
SetViewportExtEx
GetTextMetricsA
ChoosePixelFormat
SetPixelFormat
SetTextAlign
GetStockObject
TextOutA
SetMapMode
GetTextExtentPoint32A

winspool.drv

OpenPrinterA
DocumentPropertiesA

comdlg32

PrintDlgExA

advapi32

SetSecurityDescriptorDacl
GetTokenInformation
SetSecurityDescriptorGroup
SetEntriesInAclA
ConvertSidToStringSidA
RegQueryValueExA
InitializeSecurityDescriptor
RegCreateKeyA
RegOpenKeyExA
AllocateAndInitializeSid
SetSecurityDescriptorOwner
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
RegCloseKey
GetNamedSecurityInfoA
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
CreateWellKnownSid

shell32

SHEmptyRecycleBinA
SHParseDisplayName
SHBindToParent
ExtractAssociatedIconA
SHQueryRecycleBinA
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetDesktopFolder
SHGetDataFromIDListA
ord195

ole32

CoUnmarshalInterface
OleFlushClipboard
CoTaskMemFree
StgOpenStorage
CoInitialize
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoUninitialize

ws2_32

htons
accept
listen
socket
bind
WSAEventSelect
WSAStartup
WSAEnumNetworkEvents

psapi

GetModuleFileNameExA

msvfw32

ICCompressorChoose

msacm32

acmDriverOpen

cryptui

CryptUIWizImport

shlwapi

StrChrA
PathFindFileNameA
StrRetToBufA

comctl32

ImageList_Add
ImageList_DragEnter
ImageList_SetOverlayImage
ord6
ImageList_Create
ImageList_BeginDrag

pdh

PdhGetFormattedCounterValue

gdiplus

GdipCreateBitmapFromGraphics
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDeletePen
GdipDisposeImage
GdipCreateFromHDC
GdipDrawLine
GdipCloneImage
GdipCreatePen1
GdipGetImageGraphicsContext

opengl32

glMatrixMode
glRenderMode
glRotatef
glPushMatrix
glLoadIdentity
glShadeModel
glViewport
glClearColor
glClear
glEnableClientState
wglCreateContext
glMaterialfv
wglCopyContext
wglDeleteContext
wglMakeCurrent

wtsapi32

WTSFreeMemory
WTSEnumerateProcessesA

uxtheme

DrawThemeBackground
OpenThemeData
GetWindowTheme
CloseThemeData

authz

AuthzFreeContext
AuthzFreeResourceManager
AuthzInitializeResourceManager
AuthzInitializeContextFromSid

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f3a8212eb40f158529ee55a58be2762

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

ws2_32

psapi

msvfw32

msacm32

cryptui

shlwapi

comctl32

pdh

gdiplus

opengl32

wtsapi32

uxtheme

authz

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 150KB - Virtual size: 149KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 150KB - Virtual size: 149KB