Static task: static1
Behavioral task: behavioral1
Sample: 1fefdcad66245c5731cd3b81b189b34da4d868444c2527674dc342a43fa576d0.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 1fefdcad66245c5731cd3b81b189b34da4d868444c2527674dc342a43fa576d0.exe
Resource: win10v2004-20220414-en
General
Target: 1fefdcad66245c5731cd3b81b189b34da4d868444c2527674dc342a43fa576d0
Size: 565KB
MD5: af1f766213f5d5fc95c8a2739e13552f
SHA1: c293a5c354d3b8576f643116b346c4d88af82212
SHA256: 1fefdcad66245c5731cd3b81b189b34da4d868444c2527674dc342a43fa576d0
SHA512: 8c469bdf38cc6238a7a92f4499ed5ef44d8101090625c0dc60579577154bdebe7c7e06b1b5d170f66e044f5976786b1de15b7c2cec7e4adb9c7ad7d773ee5b92
SSDEEP: 12288:tYSLUkX+3NFDCdWo0JwChAjaS3E/5HGzsjKrt6omwmpYH0wsKISpPk:tYSLa9FD1ooHSy5P2QomwmpYUjS6
Malware Config
Signatures
Files
-
1fefdcad66245c5731cd3b81b189b34da4d868444c2527674dc342a43fa576d0.exe windows x86
b332b88d8b62309c1a829e916f77ebcd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LCMapStringW
HeapReAlloc
HeapSize
WriteFile
GetStdHandle
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualProtect
GetSystemInfo
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OutputDebugStringW
IsDebuggerPresent
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetProcessHeap
HeapFree
HeapAlloc
EncodePointer
FindNextFileW
IsValidCodePage
FindFirstFileExW
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetStringTypeW
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadConsoleW
GetConsoleTitleA
CreateFileW
CreateFileMappingW
CreateEventA
UnmapViewOfFile
MapViewOfFile
GetTickCount
GetFileSize
Sleep
WaitForSingleObject
FreeEnvironmentStringsA
GetDateFormatA
GetTimeFormatA
WideCharToMultiByte
MultiByteToWideChar
GetFileType
IsDBCSLeadByte
GetVersionExA
FindFirstFileA
CreateFileA
GetProfileStringA
FindResourceW
FindResourceA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryExA
LoadLibraryA
lstrlenA
lstrcatA
lstrcpyA
lstrcmpiA
lstrcmpA
FileTimeToSystemTime
MulDiv
CloseHandle
FindClose
DecodePointer
ReadFile
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
GetCurrentThreadId
RaiseException
GetCurrentProcessId
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
FreeLibrary
LockResource
InterlockedDecrement
InterlockedIncrement
RtlUnwind
WriteConsoleW
user32
CopyImage
LoadImageA
LoadCursorA
LoadBitmapA
LoadStringA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetWindowThreadProcessId
CheckMenuRadioItem
LoadStringW
DdeCreateStringHandleW
wsprintfA
RegisterWindowMessageA
DrawEdge
DrawFrameControl
GetMessageA
TranslateMessage
DispatchMessageA
SetScrollInfo
GetScrollInfo
SystemParametersInfoA
MonitorFromPoint
PeekMessageA
GetMessagePos
SendMessageA
PostMessageA
MonitorFromWindow
GetMonitorInfoA
EndDeferWindowPos
GetDlgItemTextA
GetClassNameA
GetParent
SetWindowLongA
GetWindowLongA
PtInRect
OffsetRect
InflateRect
SetRectEmpty
SetRect
FrameRect
FillRect
GetSysColorBrush
GetSysColor
WindowFromPoint
DefWindowProcA
PostQuitMessage
CallWindowProcA
UnregisterClassA
RegisterClassExA
GetClassInfoExA
MapWindowPoints
ScreenToClient
GetForegroundWindow
EnumPropsA
ClientToScreen
MessageBeep
MessageBoxA
GetWindowTextLengthA
GetCursorPos
GetDesktopWindow
LookupIconIdFromDirectory
CreateWindowExA
IsWindow
IsMenu
DestroyWindow
GetWindowRect
GetClientRect
SetWindowTextA
SetScrollPos
ScrollWindowEx
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
UpdateWindow
DrawTextA
SetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
TrackPopupMenuEx
DeleteMenu
RemoveMenu
ModifyMenuA
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
EnableMenuItem
DestroyMenu
CreatePopupMenu
GetMenuStringA
SetMenu
GetMenu
LoadMenuA
GetSystemMetrics
TranslateAcceleratorA
LoadAcceleratorsA
IsWindowEnabled
GetKeyState
GetFocus
GetActiveWindow
SetFocus
CharNextA
CharLowerA
IsClipboardFormatAvailable
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
SendDlgItemMessageA
SetDlgItemTextA
SetDlgItemInt
GetDlgItem
EndDialog
DialogBoxParamA
IsWindowVisible
SetWindowPos
ShowWindow
gdi32
AbortDoc
GetObjectA
MoveToEx
EndPage
OffsetWindowOrgEx
SetBrushOrgEx
SetTextJustification
SetWindowExtEx
StartPage
EndDoc
BitBlt
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateFontIndirectA
CreatePatternBrush
CreateRectRgnIndirect
DeleteObject
GetCurrentObject
GetDeviceCaps
GetStockObject
LineTo
PatBlt
RestoreDC
ResetDCA
SaveDC
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
StretchBlt
SetTextColor
CloseEnhMetaFile
CreateEnhMetaFileA
DeleteEnhMetaFile
GetEnhMetaFileHeader
PlayEnhMetaFile
CreateDIBSection
SetViewportOrgEx
DeleteDC
StartDocA
winspool.drv
ClosePrinter
GetPrinterA
OpenPrinterA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
PageSetupDlgA
PrintDlgA
advapi32
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryInfoKeyW
RegQueryValueExA
RegSetValueExA
IsTextUnicode
RegDeleteKeyA
RegDeleteValueA
shell32
SHGetFileInfoW
ole32
GetHGlobalFromStream
OleInitialize
CoInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
oleaut32
VarUI4FromStr
SysAllocStringLen
VariantInit
VariantTimeToSystemTime
VarI2FromI4
VarI2FromUI1
VariantChangeType
VariantClear
odbc32
ord9
comctl32
InitCommonControlsEx
PropertySheetA
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_Draw
ImageList_DrawIndirect
ImageList_LoadImageA
ord8
ord6
ImageList_Destroy
ImageList_GetImageCount
ImageList_Create
CreatePropertySheetPageA
ws2_32
WSAEventSelect
msi
ord17
ord64
ord8
avifil32
AVIStreamRelease
msacm32
acmFormatTagDetailsA
iphlpapi
GetRTTAndHopCount
GetPerAdapterInfo
rpcrt4
RpcMgmtSetAuthorizationFn
RpcMgmtIsServerListening
RpcMgmtSetCancelTimeout
uxtheme
OpenThemeData
d2d1
ord1
dwrite
DWriteCreateFactory
Sections
.text - Size: 277KB - Virtual size: 277KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata - Size: 64KB - Virtual size: 63KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data - Size: 8KB - Virtual size: 14KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc - Size: 214KB - Virtual size: 214KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ