Static task: static1
Behavioral task: behavioral1
  Sample: eaeb2b159e830532b112780f795160a0a66cb79c98a44b074fdd8697d152ff4e.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: eaeb2b159e830532b112780f795160a0a66cb79c98a44b074fdd8697d152ff4e.exe
  Resource: win10v2004-20220812-en
General
- Target: eaeb2b159e830532b112780f795160a0a66cb79c98a44b074fdd8697d152ff4e
- Size: 356KB
- MD5: 01c92fbc7883ad461a67e0e005ff35f9
- SHA1: 41c2ee7dd056256a1329b5c4304418a39296610d
- SHA256: eaeb2b159e830532b112780f795160a0a66cb79c98a44b074fdd8697d152ff4e
- SHA512: a0328db9688ca156a0a92036e17d34a417104bb3892d359dc077cf2852cd3d85adff3054f5a5ccba557d56436b3c09c8328026b211cfe36d53fc5918304c7f17
- SSDEEP: 6144:SGnswXYgW5fIJOsNWR62C/3kd9iSULHWQLF1NwWbEi7eYRm:TnswXYx5fIToR62C/3kd9hULHJLrNS
Files
- eaeb2b159e830532b112780f795160a0a66cb79c98a44b074fdd8697d152ff4e.exe windows x86
  bc9b0a1da4bf3a525cb732a1d145a570
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
SHSetValueA
SHDeleteValueA
kernel32
SetLastError
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
GetVolumeInformationA
GetStringTypeExA
GetShortPathNameA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetErrorMode
GetTickCount
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
CreateThread
GetProcessVersion
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
Sleep
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
LocalAlloc
FormatMessageA
LocalFree
GetThreadLocale
MulDiv
GetDiskFreeSpaceA
SetFileTime
GetFullPathNameA
GetFileAttributesA
GlobalFree
GlobalAlloc
lstrcmpA
GetCurrentThread
lstrlenW
FileTimeToSystemTime
SuspendThread
SetThreadPriority
lstrcmpiA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
GlobalLock
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
TerminateProcess
FreeLibrary
GetWindowsDirectoryA
FindFirstFileA
FindClose
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
OpenFileMappingA
OpenProcess
lstrcpynA
IsBadReadPtr
GlobalMemoryStatus
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetSystemInfo
RaiseException
LoadLibraryA
GetProcAddress
GetCurrentThreadId
GetCurrentProcess
lstrlenA
GetVersionExA
OutputDebugStringA
SetFilePointer
VirtualQuery
lstrcpyA
SetUnhandledExceptionFilter
HeapSize
FindResourceA
InterlockedExchange
LoadResource
LockResource
InterlockedDecrement
ResumeThread
InterlockedIncrement
WaitForMultipleObjects
CreateEventA
CreateMutexA
CreateWaitableTimerA
WideCharToMultiByte
GetTempPathA
GetTempFileNameA
DeleteFileA
WriteFile
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetCurrentProcessId
MultiByteToWideChar
WaitForSingleObject
ResetEvent
SetEvent
ReleaseMutex
CancelWaitableTimer
SetWaitableTimer
CreateProcessA
CopyFileA
GetSystemDirectoryA
GetModuleHandleA
GetModuleFileNameA
GetFileTime
GetSystemTimeAsFileTime
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetLastError
GetProcessHeap
HeapAlloc
HeapReAlloc
HeapFree
ExitThread
user32
RegisterClipboardFormatA
PostThreadMessageA
CharUpperA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
LoadStringA
GetDC
ReleaseDC
GetSysColorBrush
LoadCursorA
ClientToScreen
PtInRect
GetClassNameA
EndDialog
CreateDialogIndirectParamA
CharNextA
FindWindowA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
GetMessageA
TranslateMessage
ValidateRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
DispatchMessageA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
RegisterClassA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
OffsetRect
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetLastActivePopup
BringWindowToTop
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
InvalidateRect
SetWindowLongA
GetKeyState
SetWindowPos
GetDlgCtrlID
GetMenuItemCount
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
LoadIconA
GetClassInfoA
SetFocus
GetParent
GetActiveWindow
ShowWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetWindowTextA
EnumWindows
GetWindowThreadProcessId
wvsprintfA
wsprintfA
SystemParametersInfoA
AnimateWindow
GetWindowLongA
IsWindow
SendMessageA
DestroyIcon
EnableWindow
PostMessageA
UpdateWindow
LoadMenuA
GetSubMenu
GetCursorPos
TrackPopupMenu
DestroyMenu
UnregisterClassA
gdi32
ExtTextOutA
Escape
GetMapMode
TextOutA
RectVisible
PtVisible
GetViewportExtEx
SetTextColor
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetWindowExtEx
GetStockObject
GetDeviceCaps
GetBkColor
GetTextColor
DPtoLP
LPtoDP
CreateBitmap
GetObjectA
SetBkColor
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
CryptReleaseContext
RegCreateKeyExA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CryptAcquireContextA
CryptGenRandom
shell32
SHGetFileInfoA
ExtractIconA
DragQueryFileA
DragFinish
SHAppBarMessage
comctl32
ord17
oledlg
ord8
ole32
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleInitialize
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StringFromCLSID
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
GetClassFile
CoInitialize
CoCreateInstance
CoUninitialize
OleIsCurrentClipboard
OleFlushClipboard
CoGetClassObject
CoTaskMemAlloc
olepro32
ord253
oleaut32
VariantTimeToSystemTime
SysAllocStringLen
SafeArrayGetUBound
SysFreeString
SysAllocString
VariantClear
VariantInit
SysStringLen
SafeArrayUnaccessData
SafeArrayGetLBound
VariantChangeType
SysAllocStringByteLen
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayAccessData
urlmon
URLDownloadToCacheFileA
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
wininet
InternetOpenA
InternetCloseHandle
InternetGetConnectedState
DeleteUrlCacheEntry
HttpSendRequestA
InternetReadFile
InternetOpenUrlA
HttpOpenRequestA
InternetConnectA
HttpAddRequestHeadersA
Sections
- .text  Size: 248KB - Virtual size: 245KB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata  Size: 60KB - Virtual size: 59KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data  Size: 24KB - Virtual size: 56KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc  Size: 16KB - Virtual size: 12KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- XOR  Size: 4KB - Virtual size: 4KB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE