Static task: static1
Behavioral task: behavioral1 - Sample: c8b7478df049b728812d97c58ccc0670f17190b30209c01ffa85e30796835a61.exe - Resource: win7-20220901-en
Behavioral task: behavioral2 - Sample: c8b7478df049b728812d97c58ccc0670f17190b30209c01ffa85e30796835a61.exe - Resource: win10v2004-20220812-en
General
Target: c8b7478df049b728812d97c58ccc0670f17190b30209c01ffa85e30796835a61
Size: 852KB
MD5: d0ad5912e814b7e061d2aa60f5f95755
SHA1: 4aac42eab5621d19d2dd56e1ca7e1cb5e45f72dc
SHA256: c8b7478df049b728812d97c58ccc0670f17190b30209c01ffa85e30796835a61
SHA512: 28f5caafbf45c7788004416e9835bce9b9137b297bf06eaf78463bff89016a8e080ab6e4bddbdec0ae41610fc8c2054bfa9b961ec4e0246893dc61d2f513768c
SSDEEP: 24576:F8idSuAAS6nNW8icRJoxwd9QRxqG37KEM:VdSJ6nvicRJoxwdIxj7KEM
Malware Config
Signatures
Files
-
c8b7478df049b728812d97c58ccc0670f17190b30209c01ffa85e30796835a61.exe windows x86
c55cabdf1eadc8017b81393c8c21859b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipLoadImageFromStream
GdiplusStartup
GdiplusShutdown
GdipGetDC
GdipGetImageHeight
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreateSolidFill
GdipReleaseDC
GdipDrawImageRectI
GdipCloneImage
GdipDisposeImage
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageWidth
GdipFillRectangleI
kernel32
InterlockedIncrement
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GetFileAttributesA
GetFileSizeEx
GetFileTime
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
ExitProcess
HeapAlloc
TerminateProcess
GetModuleHandleW
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
HeapReAlloc
ExitThread
CreateThread
GetFileInformationByHandle
RtlUnwind
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
VirtualFree
HeapCreate
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
SetHandleCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetStdHandle
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetProcessHeap
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
GetCurrentProcessId
WritePrivateProfileStringA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetModuleFileNameW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetModuleHandleA
GetVersionExA
CompareStringA
CreateEventA
SuspendThread
SetEvent
GetCurrentThreadId
ResumeThread
SetThreadPriority
GetFullPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GetThreadLocale
MoveFileA
GlobalFree
LocalFree
MulDiv
ExpandEnvironmentStringsA
LoadLibraryA
GetProcAddress
FreeLibrary
GetStdHandle
GetFileType
WaitForMultipleObjects
PeekNamedPipe
ReadFile
FormatMessageA
WaitForSingleObject
VerSetConditionMask
VerifyVersionInfoA
SleepEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
RemoveDirectoryA
lstrlenA
OutputDebugStringA
GetLastError
CloseHandle
GetProcessId
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleFileNameA
MultiByteToWideChar
InterlockedDecrement
Sleep
DeleteFileA
CreateFileA
SetCurrentDirectoryA
CreateDirectoryA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetDriveTypeA
GetTickCount
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetLogicalDrives
CreateFileW
UnhandledExceptionFilter
user32
SetWindowContextHelpId
InflateRect
GetMenuItemInfoA
UnregisterClassA
RegisterClipboardFormatA
GetNextDlgGroupItem
MessageBeep
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ReleaseCapture
SetCursor
LoadCursorA
SetCapture
IsRectEmpty
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
IsWindowEnabled
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
MapDialogRect
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExA
GetClassInfoExA
RegisterClassA
GetSysColor
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindow
GetFocus
IsChild
AdjustWindowRectEx
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
CharUpperA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
ReleaseDC
UpdateLayeredWindow
GetDC
PostQuitMessage
DrawIcon
SetWindowRgn
LoadImageA
EnumWindows
WaitForInputIdle
GetWindowThreadProcessId
SetFocus
SetWindowPos
SetForegroundWindow
IsIconic
UpdateWindow
ShowWindow
SetTimer
CharNextA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
TranslateAcceleratorA
GetClassInfoA
IsWindow
PostMessageA
InvalidateRgn
SetRect
CopyAcceleratorTableA
GetSysColorBrush
ShowOwnedPopups
SetScrollRange
KillTimer
InvalidateRect
SetWindowLongA
GetWindowLongA
CloseWindow
GetSystemMetrics
MoveWindow
GetClientRect
LoadIconA
LoadStringA
PostThreadMessageA
SendMessageA
GetParent
BringWindowToTop
GetWindowRect
EnableWindow
MessageBoxA
GetMenu
gdi32
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
SetViewportOrgEx
ExtTextOutA
CreateSolidBrush
CreateEllipticRgn
LPtoDP
Ellipse
CreateRectRgnIndirect
GetRgnBox
GetBkColor
GetTextColor
CreateFontIndirectA
GetTextExtentPoint32A
GetMapMode
Escape
GetPixel
GetWindowExtEx
GetViewportExtEx
TextOutA
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
DeleteDC
DeleteObject
CreateDIBSection
CombineRgn
CreateRectRgn
CreatePolygonRgn
BitBlt
RectVisible
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
SetMapMode
PtVisible
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
CryptDestroyKey
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextA
CryptImportKey
CryptReleaseContext
CryptEncrypt
shell32
DragQueryFileA
ShellExecuteExA
ShellExecuteA
SHGetSpecialFolderPathA
DragFinish
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathFileExistsA
oledlg
ord8
ole32
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromProgID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CoDisconnectObject
oleaut32
VariantClear
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadTypeLi
VariantChangeType
VariantCopy
SysStringLen
SysAllocStringLen
VariantInit
SysFreeString
SysAllocStringByteLen
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
ws2_32
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
socket
closesocket
getpeername
getsockopt
htons
bind
setsockopt
getsockname
listen
gethostname
recv
send
WSAIoctl
ioctlsocket
ntohs
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
wldap32
ord60
ord50
ord26
ord30
ord200
ord32
ord143
ord79
ord33
ord301
ord27
ord41
ord46
ord211
ord22
ord35
Sections
.text Size: 584KB - Virtual size: 584KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 135KB - Virtual size: 134KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 28KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 257KB - Virtual size: 257KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 53KB - Virtual size: 52KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ