273d966c70659c3b4cae40702ebecb769d1505f5fd6f2aef4cbb1b6e9efdfd40

Sharing

Copy URL

Twitter E-mail

General

Target

273d966c70659c3b4cae40702ebecb769d1505f5fd6f2aef4cbb1b6e9efdfd40
Size

808KB
MD5

2d67d85e4c57aaa73c437993fcc31c2e
SHA1

74682c5a7517fff45071eacefe1994d4526f91f9
SHA256

273d966c70659c3b4cae40702ebecb769d1505f5fd6f2aef4cbb1b6e9efdfd40
SHA512

8880e9b0705ce9bc99bf33722a5b18b14740b2d96104001fa5d64f7e4e0132f8bfaf5e045e6e997b9c0e5ed344c0d9635c0f0ce447a2c60cd67a8c9c3c7b2ac7
SSDEEP

3072:/r85pTrrORY0CSB0TQHPH928VvNhkxO/:/A5pTrrORY3SB06Pd5F

Score

N/A

Malware Config

Signatures

Files

273d966c70659c3b4cae40702ebecb769d1505f5fd6f2aef4cbb1b6e9efdfd40
.exe windows x86

53297ebf3c409b315bab5fb9bf847634

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetVersion
LoadLibraryA
VirtualAlloc
VirtualProtect
ExitProcess
GetCurrentThreadId
GetCurrentProcess
GetLogicalDrives
ReadFile
GetCompressedFileSizeW
FindActCtxSectionStringA
FindFirstVolumeMountPointW
FlushViewOfFile
DeleteCriticalSection
CreateFileMappingW
SetCalendarInfoA
ReadConsoleInputExW
GetComputerNameExA
SetVolumeMountPointA
OpenJobObjectA

comctl32

InitCommonControls
DSA_DestroyCallback
ImageList_BeginDrag
ImageList_LoadImageW
DrawStatusText
ImageList_Destroy
DPA_InsertPtr
_TrackMouseEvent
ImageList_GetDragImage
PropertySheetW
DPA_Sort
DllGetVersion
ImageList_GetImageInfo
ImageList_DrawIndirect
FlatSB_SetScrollProp
CreateStatusWindowW
FlatSB_GetScrollInfo
DrawStatusTextW
FlatSB_EnableScrollBar

shell32

ILGetNext
SHBrowseForFolderW
SHDefExtractIconA
InternalExtractIconListA
PickIconDlg
PathIsSlowW
RealShellExecuteExW
ShellMessageBoxW
OpenAs_RunDLLA
SHFlushSFCache
SHFindFiles
StrStrIW
SHStartNetConnectionDialogW

comdlg32

FindTextW
PageSetupDlgA
PrintDlgA
dwLBSubclass
WantArrows
CommDlgExtendedError
Ssync_ANSI_UNICODE_Struct_For_WOW
PrintDlgExW
ChooseColorA
GetOpenFileNameW
GetOpenFileNameA
ReplaceTextA
PrintDlgExA

oleaut32

VARIANT_UserFree
VarDateFromR8
VarDateFromStr
VarDecFromI1
VarCyFromI2
VarBoolFromI1
VarDateFromBool
VarUI2FromI8
VarDateFromI4
VarI4FromDec
VARIANT_UserMarshal
VarUI8FromUI1
VarMod
VarUI8FromI2
VarBstrFromUI2
VarR8FromDate
BSTR_UserFree
SafeArrayDestroyData
BSTR_UserUnmarshal
VarParseNumFromStr

gdiplus

GdipSetImageAttributesColorMatrix
GdipAddPathClosedCurve2
GdipIsMatrixIdentity
GdipBeginContainer2
GdipPathIterIsValid
GdipDrawBezierI
GdipReversePath
GdipGetPathGradientPointCount
GdipGetRenderingOrigin
GdipDrawBeziers
GdipScaleTextureTransform
GdipFillClosedCurve2I
GdipEnumerateMetafileDestRectI
GdipCreateRegionRgnData
GdipPathIterEnumerate

advapi32

InitiateSystemShutdownExW
BuildImpersonateTrusteeW
ObjectPrivilegeAuditAlarmW
WmiQuerySingleInstanceMultipleA
RegFlushKey
LookupSecurityDescriptorPartsW
RegOpenKeyW
RegCreateKeyA
SystemFunction030
RegEnumKeyExA

imagehlp

SymGetModuleInfoW
ImageLoad
RemoveRelocations
SymFunctionTableAccess
SymGetModuleBase64
SymGetModuleBase
GetImageConfigInformation
SymEnumSym
SymGetLinePrev
FindFileInSearchPath
SymFunctionTableAccess64
SymGetLineFromName
SymUnloadModule
ImageGetCertificateData
StackWalk64
SymEnumerateModules64
CheckSumMappedFile
SymEnumerateSymbols64
SymUnloadModule64

gdi32

EngReleaseSemaphore
GdiConvertToDevmodeW
RemoveFontResourceExA
EnumFontFamiliesExA
CreateDIBitmap
AddFontResourceExA
CreateEnhMetaFileW
RectInRegion
GdiGetSpoolFileHandle
EnableEUDC
FixBrushOrgEx
EngCreatePalette
ExtTextOutA
GetNearestColor
SetBrushOrgEx
GetRgnBox
EngMultiByteToWideChar
CLIPOBJ_ppoGetPath
GetRelAbs
DdEntry11
DdEntry55
DdEntry46
PatBlt
EngDeletePalette

oledlg

OleUIInsertObjectA
OleUIObjectPropertiesA
OleUIChangeIconW
OleUIInsertObjectW
OleUIBusyA
OleUIChangeSourceA
OleUIPromptUserW
OleUIChangeSourceW
OleUIAddVerbMenuW
OleUIEditLinksA
OleUICanConvertOrActivateAs
OleUIUpdateLinksW

winspool.drv

PerfOpen
StartPagePrinter
StartDocDlgA
DeleteMonitorW
DeviceMode
EXTDEVICEMODE
EnumMonitorsW
PerfCollect
EnumPrinterDriversA
GetPrinterDataA
EnumPortsA
GetJobW
FreePrinterNotifyInfo
DeletePrintProcessorA
CommitSpoolData

ole32

CreateStdProgressIndicator
CoGetTreatAsClass
HENHMETAFILE_UserSize
DllRegisterServer
OleGetIconOfClass
CoGetCurrentProcess
UpdateDCOMSettings
OleSetAutoConvert
RegisterDragDrop
CoUninitialize
OleGetClipboard
SNB_UserFree
EnableHookObject
DcomChannelSetHResult

winmm

mmioInstallIOProcW
midiOutOpen
joy32Message
waveOutPrepareHeader
mciSetYieldProc
mmTaskYield
mmioSetInfo
mixerGetDevCapsA
mmioOpenA
mciGetDeviceIDA
tid32Message
midiStreamProperty
mmioRead
midiOutCacheDrumPatches
mciGetErrorStringA

version

GetFileVersionInfoSizeA
VerQueryValueA
VerFindFileA
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerInstallFileA
VerFindFileW

user32

IMPSetIMEW
ShowWindow
SetActiveWindow
DdeGetData
SetWindowRgn
SetRect
GetWindow
MBToWCSEx
DlgDirListW
GetMenuInfo
RegisterDeviceNotificationW
DrawCaptionTempA
UpdatePerUserSystemParameters
SetScrollRange
DlgDirSelectComboBoxExA
GetCaretBlinkTime
CreateIconFromResourceEx
SetWindowPos
GetProgmanWindow
GetCapture
SetWindowsHookA
CloseWindow

oleacc

GetStateTextW
AccessibleObjectFromPoint
GetRoleTextW
CreateStdAccessibleObject
WindowFromAccessibleObject
IID_IAccessible
CreateStdAccessibleProxyW
CreateStdAccessibleProxyA
GetOleaccVersionInfo
AccessibleChildren
AccessibleObjectFromEvent

msimg32

DllInitialize
AlphaBlend
vSetDdrawflag
TransparentBlt
GradientFill

shlwapi

StrChrNW
UrlEscapeA
SHRegSetPathW
GetAcceptLanguagesW
SHSetValueA
SHRegGetUSValueW
PathGetArgsA
StrToIntW
PathIsUNCServerA
StrCpyNW
UrlCanonicalizeW
StrCSpnW
ColorHLSToRGB
StrDupA
PathCommonPrefixW

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 653KB - Virtual size: 652KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

53297ebf3c409b315bab5fb9bf847634

Headers

File Characteristics

Imports

kernel32

comctl32

shell32

comdlg32

oleaut32

gdiplus

advapi32

imagehlp

gdi32

oledlg

winspool.drv

ole32

winmm

version

user32

oleacc

msimg32

shlwapi

Sections

.text Size: 62KB - Virtual size: 62KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 76KB - Virtual size: 76KB

Size: 653KB - Virtual size: 652KB

.text
Size: 62KB - Virtual size: 62KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 76KB - Virtual size: 76KB