Static task: static1
Behavioral task: behavioral1
  Sample: 2bd0a1cd908011d42b8e1ae342c1e36ef0c6716944e6198c6ded76d5dcfa6e39.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: 2bd0a1cd908011d42b8e1ae342c1e36ef0c6716944e6198c6ded76d5dcfa6e39.exe
  Resource: win10v2004-20220901-en
General
Target: 2bd0a1cd908011d42b8e1ae342c1e36ef0c6716944e6198c6ded76d5dcfa6e39
Size: 4.6MB
MD5: f00fe0af8600c4fa066290f6e1a95fe5
SHA1: 27b162be4bf9a320072f44334b287123aac75ba1
SHA256: 2bd0a1cd908011d42b8e1ae342c1e36ef0c6716944e6198c6ded76d5dcfa6e39
SHA512: 4ec5dbfdd9cb3018b4c5aeb537fb31c3de928e9e14c4d3b6e25bd195e7c390b2d91b8299a5b84e7fc22c8991630fe5358a4a425aaef159cc9ae8bfb6387102d0
SSDEEP: 49152:swuwj0fZkt0Af7C1vvBj+a64vU4wGvfUOOiWsGbq9SzhVhVOCamZjRsh8Hby501P:swDofZ00AfIhjU0wgdgjVhVOCa608ej
Malware Config
Signatures
Files
2bd0a1cd908011d42b8e1ae342c1e36ef0c6716944e6198c6ded76d5dcfa6e39.exe (windows x86)
bdb41c68d515da1ea11618be59af57e4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
avifil32:
AVIStreamRelease
AVIFileRelease
AVIStreamWrite
AVIFileOpenA
AVIFileCreateStreamA
AVIStreamSetFormat
AVIFileExit
AVIFileInit
msvfw32:
DrawDibOpen
DrawDibDraw
DrawDibClose
winmm:
mciSendCommandA
PlaySoundA
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveOutWrite
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
waveOutReset
waveOutUnprepareHeader
waveOutClose
kernel32:
GetACP
SetStdHandle
GetFileType
HeapSize
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsAlloc
GlobalHandle
TlsFree
TerminateProcess
TlsSetValue
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
LocalFileTimeToFileTime
CreateEventA
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
ResumeThread
CreateThread
Sleep
VirtualFree
VirtualAlloc
GetFileAttributesA
lstrcatA
GetModuleFileNameA
WriteFile
SetFilePointer
GetProfileIntA
GetProfileStringA
GetPrivateProfileSectionNamesA
EnumResourceLanguagesA
EnumResourceTypesA
GetExitCodeThread
GlobalReAlloc
GetSystemTime
SetErrorMode
RtlUnwind
HeapReAlloc
ExitThread
RaiseException
GetTimeZoneInformation
GetDiskFreeSpaceA
GetTempFileNameA
SetThreadPriority
GetCurrentThread
SetLastError
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
lstrcpynA
FormatMessageA
InterlockedIncrement
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GetFileSize
CreateFileA
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
SetFileAttributesA
FindFirstFileA
lstrlenA
InterlockedDecrement
GetLastError
MultiByteToWideChar
GlobalDeleteAtom
GetTickCount
CreateProcessA
lstrcpyA
ReadFile
CopyFileA
MoveFileA
GetTempPathA
HeapFree
HeapAlloc
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetVersion
WideCharToMultiByte
LocalFree
LocalAlloc
GetDriveTypeA
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
CreateDirectoryA
LoadLibraryA
FreeLibrary
SetUnhandledExceptionFilter
SizeofResource
LoadResource
FindResourceA
LockResource
LoadLibraryExA
GlobalUnlock
GlobalLock
GlobalAlloc
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
InitializeCriticalSection
LeaveCriticalSection
PostQueuedCompletionStatus
EnterCriticalSection
GetSystemInfo
CreateIoCompletionPort
GetQueuedCompletionStatus
InterlockedExchange
CancelIo
DeleteCriticalSection
ExitProcess
OutputDebugStringA
GlobalMemoryStatus
EnumResourceNamesA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
MulDiv
ResetEvent
GetCurrentDirectoryA
SetFileTime
GetFileTime
SetCurrentDirectoryA
GlobalSize
GetStartupInfoA
GetCommandLineA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
LocalReAlloc
LocalSize
lstrcmpA
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
lstrlenW
FileTimeToLocalFileTime
GlobalFlags
VirtualProtect
GetModuleFileNameA
ExitProcess
user32:
ShowOwnedPopups
PostQuitMessage
SetRectEmpty
EndPaint
BeginPaint
GetWindowDC
CharUpperA
LoadStringA
wvsprintfA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
MapWindowPoints
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemID
SetWindowPlacement
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
DispatchMessageA
TranslateMessage
GetMessageA
RegisterWindowMessageA
LoadIconA
EnableWindow
SendMessageA
InvalidateRect
GetForegroundWindow
SetForegroundWindow
SetWindowPos
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
PeekMessageA
IsWindow
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IsZoomed
FindWindowA
IsRectEmpty
GetClassNameA
GetDialogBaseUnits
CreateMenu
GetMenuStringA
InsertMenuA
GetDlgCtrlID
IntersectRect
GetIconInfo
SystemParametersInfoA
GetScrollBarInfo
ShowScrollBar
DrawIconEx
GetKeyState
GetWindowLongA
SetRect
GetSysColorBrush
GetDCEx
LockWindowUpdate
DestroyIcon
LoadImageA
SetTimer
GetClientRect
GetSysColor
ValidateRect
ReleaseDC
GetDC
SetParent
UpdateWindow
MessageBoxA
RedrawWindow
TabbedTextOutA
DrawTextA
GrayStringA
UnregisterClassA
DrawMenuBar
TranslateMDISysAccel
DefFrameProcA
ExcludeUpdateRgn
DefDlgProcA
GetTabbedTextExtentA
GetClipboardFormatNameA
GetAsyncKeyState
UnionRect
IsWindowUnicode
GetWindowLongW
SetWindowLongW
CopyAcceleratorTableA
GetNextDlgGroupItem
InvertRect
SetWindowLongA
GetMenuState
CheckMenuRadioItem
SendMessageTimeoutA
SetClassLongA
ClipCursor
DestroyCursor
SendDlgItemMessageA
IsIconic
DrawIcon
CreatePopupMenu
AppendMenuA
TrackPopupMenu
DestroyMenu
CopyRect
FillRect
SetWindowRgn
KillTimer
GetDesktopWindow
SetMenu
GetSystemMenu
CheckMenuItem
MessageBeep
InflateRect
GetSystemMetrics
OffsetRect
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LookupIconIdFromDirectory
CreateIconFromResourceEx
CreateIconFromResource
GetWindowRect
PtInRect
GetDoubleClickTime
SetCursorPos
GetCursor
GetMenuStringW
LookupIconIdFromDirectoryEx
GetKeyboardLayoutList
GetKeyboardState
ToAsciiEx
GetKeyboardLayout
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
DrawFrameControl
DrawAnimatedRects
EnumChildWindows
SetMenuDefaultItem
DrawFocusRect
IsClipboardFormatAvailable
WaitMessage
GetWindowRgn
HideCaret
ShowCaret
MapVirtualKeyA
IsMenu
CopyIcon
CreateIconIndirect
GetMenuDefaultItem
GetMenuItemInfoA
DrawEdge
DrawStateA
GetWindow
PostMessageA
SetCapture
LoadCursorA
SetCursor
ScreenToClient
WindowFromPoint
ClientToScreen
ReleaseCapture
GetParent
IsWindowVisible
GetFocus
GetCursorPos
GetMenuItemCount
EnableMenuItem
DeleteMenu
GetSubMenu
LoadMenuA
CharNextA
SetWindowContextHelpId
LoadBitmapA
MapDialogRect
RegisterClipboardFormatA
PostThreadMessageA
wsprintfA
MessageBoxA
gdi32:
PtInRegion
SetPixel
GetDIBits
GetWindowOrgEx
Polygon
GetCurrentObject
EnumFontFamiliesExA
GetBitmapBits
ExtCreateRegion
Polyline
GetViewportOrgEx
RoundRect
ExtFloodFill
Ellipse
StrokePath
FillPath
CloseFigure
GetTextExtentPoint32W
ExtTextOutW
GetTextExtentPointA
CreateDIBitmap
GetTextAlign
GetRgnBox
CopyMetaFileA
GetTextMetricsA
GetCharWidthA
CreateFontIndirectA
SetRectRgn
GetWindowExtEx
GetViewportExtEx
ExtSelectClipRgn
GetClipRgn
PolyBezierTo
GetCurrentPositionEx
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetPolyFillMode
RestoreDC
SaveDC
CreateRectRgnIndirect
PatBlt
CreateBitmap
GetObjectA
GetClipBox
CreatePolygonRgn
FillRgn
FrameRgn
SetBkMode
SetBkColor
SetTextColor
StretchDIBits
GetDeviceCaps
GetBitmapDimensionEx
CreatePatternBrush
GetBrushOrgEx
SetBrushOrgEx
GetTextColor
GetBkMode
CreateRectRgn
CreateRoundRectRgn
OffsetRgn
CombineRgn
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
LPtoDP
GetMapMode
DPtoLP
GetBkColor
BeginPath
EndPath
StrokeAndFillPath
GetStockObject
CreateDIBSection
SelectObject
SetStretchBltMode
StretchBlt
DeleteDC
DeleteObject
CreateFontA
GetTextExtentPoint32A
GetPixel
SetPixelV
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateSolidBrush
comdlg32:
ChooseColorA
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv:
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32:
RegCloseKey
RegCreateKeyA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
shell32:
DragQueryFileA
SHBrowseForFolderA
SHGetMalloc
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
DragAcceptFiles
SHAppBarMessage
ExtractIconA
SHGetFileInfoA
DragFinish
ShellExecuteA
SHGetPathFromIDListA
comctl32:
ImageList_Remove
ImageList_Draw
ImageList_GetImageInfo
ImageList_Add
ImageList_GetIcon
ImageList_DrawEx
ImageList_GetIconSize
ImageList_GetImageCount
_TrackMouseEvent
ImageList_AddMasked
ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
oledlg:
ord1
ord8
ole32:
ReleaseStgMedium
CoGetClassObject
StgOpenStorageOnILockBytes
CoTaskMemAlloc
OleDuplicateData
CoDisconnectObject
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoUninitialize
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
CoCreateInstance
CLSIDFromString
OleIsCurrentClipboard
CoInitialize
OleRun
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CoTaskMemFree
olepro32:
ord253
ord251
oleaut32:
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
VariantCopy
SysAllocStringByteLen
VariantChangeType
SysStringByteLen
VarDateFromStr
VarBstrFromDate
SafeArrayUnaccessData
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
LoadTypeLi
SysAllocString
SysFreeString
VariantClear
GetErrorInfo
OleLoadPicturePath
VariantChangeTypeEx
urlmon:
URLDownloadToFileA
ws2_32:
inet_ntoa
recv
send
getpeername
closesocket
connect
htons
gethostbyname
socket
select
ioctlsocket
WSAStartup
inet_addr
WSACleanup
listen
bind
WSAEventSelect
WSACreateEvent
WSASocketA
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
accept
WSARecv
setsockopt
WSACloseEvent
WSAIoctl
gethostname
WSASend
ntohs
getsockname
shutdown
__WSAFDIsSet
WSAGetLastError
wininet:
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetConnectA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetGetConnectedState
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
shlwapi:
SHAutoComplete
PathRemoveFileSpecA
skinh:
SkinH_SetAero
SkinH_AttachRes
imm32:
ImmAssociateContext
Sections
.text    Size: -      Virtual size: 2.3MB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rodata  Size: -      Virtual size: 11KB    IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rotext  Size: -      Virtual size: 108KB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata   Size: -      Virtual size: 431KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data    Size: -      Virtual size: 1.3MB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc    Size: 1.3MB  Virtual size: 3.1MB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.vmp0    Size: -      Virtual size: 16KB    IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.vmp1    Size: 3.3MB  Virtual size: 3.3MB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.reloc   Size: 4KB    Virtual size: 68B     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ