Static task
static1
Behavioral task
behavioral1
Sample
93f608a6b954b788bb6f340619ad57a3b5f21523b8d9b352c72261a5e8e13513.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
93f608a6b954b788bb6f340619ad57a3b5f21523b8d9b352c72261a5e8e13513.exe
Resource
win10v2004-20220901-en
General
Target
93f608a6b954b788bb6f340619ad57a3b5f21523b8d9b352c72261a5e8e13513
Size
86KB
MD5
9b706f4d0dbc0f48e9b402a2c19d402f
SHA1
d336e7ceffd8e692e0e23461d3b5bf3caa8b8c2d
SHA256
93f608a6b954b788bb6f340619ad57a3b5f21523b8d9b352c72261a5e8e13513
SHA512
afcacea74c63170f4bfea9c6b130ac2c0c7e8faf68873965f6fc48ed4e29cf7161a6ae733fb978fb162991ecc9a6432d3dcd2f2c746b2ffed218bf99dd4a0f88
SSDEEP
1536:ObJXfH64RD0w9iFMkZUmV7vXJL1U2MT2EwnaRhdtD8eskgVsHT9BAZr/l39/482f:ObJvpD04WHDXJW2MTan8P1s5sHT9qr/e
Malware Config
Signatures
Files
93f608a6b954b788bb6f340619ad57a3b5f21523b8d9b352c72261a5e8e13513.exe windows x86
0f4593226da643aff546ed216bc835af
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetUserDefaultLangID
TerminateThread
FreeLibrary
SetLastError
GetLogicalDrives
WritePrivateProfileStructA
CopyFileExW
WriteFileGather
WriteConsoleOutputCharacterW
QueryPerformanceCounter
CreateDirectoryA
MapViewOfFileEx
EnumCalendarInfoExW
GetVolumeInformationA
TlsAlloc
SetConsoleScreenBufferSize
MulDiv
SwitchToThread
WriteFile
CreateFileMappingW
GetCurrentDirectoryA
GetFullPathNameA
GlobalUnWire
FreeResource
IsBadCodePtr
DeleteAtom
GetSystemTimeAdjustment
LockResource
SetThreadAffinityMask
CreateMutexA
GetLastError
EnumSystemCodePagesA
lstrcatA
GlobalGetAtomNameW
WriteProfileSectionA
GetFileType
GetCPInfoExA
GetPrivateProfileSectionW
CreateFileA
GetStringTypeW
GetPrivateProfileIntW
SetCommState
SetUnhandledExceptionFilter
OpenWaitableTimerA
VirtualProtect
GetTickCount
BuildCommDCBW
TerminateProcess
VirtualAlloc
WaitNamedPipeW
TransactNamedPipe
CallNamedPipeA
GetVersion
QueryDosDeviceA
EnumDateFormatsExA
lstrcpyW
SetStdHandle
WaitForSingleObject
SetSystemPowerState
QueryDosDeviceW
GlobalFindAtomA
FindFirstFileW
WaitForSingleObjectEx
VerLanguageNameW
GetPrivateProfileSectionNamesW
Module32Next
GetProcessTimes
LCMapStringW
RemoveDirectoryW
DefineDosDeviceW
GetThreadPriorityBoost
EnumCalendarInfoExA
GetShortPathNameA
GlobalHandle
SetCalendarInfoA
QueryPerformanceFrequency
SwitchToFiber
SetDefaultCommConfigW
GetNumberFormatW
HeapWalk
ResumeThread
GetLongPathNameA
GetTempFileNameW
VerLanguageNameA
lstrcmpiA
SetCurrentDirectoryW
SetThreadPriority
FormatMessageA
lstrlen
SystemTimeToFileTime
GetModuleFileNameA
GetConsoleOutputCP
lstrcmpi
UnlockFile
FoldStringW
GetProcessShutdownParameters
FindResourceExA
SetThreadPriorityBoost
GetCurrencyFormatA
BeginUpdateResourceW
GetAtomNameA
SuspendThread
SleepEx
CreateSemaphoreA
EraseTape
CreateEventW
GetPrivateProfileStringA
GetEnvironmentStringsA
EscapeCommFunction
EnumSystemLocalesA
lstrcmpA
GlobalFree
SetLocaleInfoA
FindCloseChangeNotification
OpenEventW
CreateNamedPipeA
lstrlenW
BuildCommDCBA
GetProcessHeap
advapi32
RegCreateKeyW
GetServiceDisplayNameA
RegGetKeySecurity
RegReplaceKeyA
CloseEventLog
InitializeAcl
BuildTrusteeWithSidW
RegEnumValueW
ObjectPrivilegeAuditAlarmW
CryptVerifySignatureW
OpenSCManagerA
RegReplaceKeyW
LookupSecurityDescriptorPartsW
SetTokenInformation
BackupEventLogW
LookupPrivilegeNameA
ChangeServiceConfigA
StartServiceW
ChangeServiceConfigW
ImpersonateSelf
SetNamedSecurityInfoExA
RegConnectRegistryW
GetSidIdentifierAuthority
RegUnLoadKeyA
GetNamedSecurityInfoExA
GetKernelObjectSecurity
RegRestoreKeyA
CreateServiceW
SetSecurityInfo
RegSaveKeyW
SetEntriesInAuditListA
OpenEventLogW
GetTokenInformation
NotifyChangeEventLog
RegSetValueW
RegLoadKeyA
SetSecurityDescriptorSacl
DuplicateTokenEx
CryptExportKey
MakeSelfRelativeSD
GetAccessPermissionsForObjectW
BuildImpersonateExplicitAccessWithNameW
SetEntriesInAclA
ConvertSecurityDescriptorToAccessNamedW
GetUserNameA
GetCurrentHwProfileW
RegCloseKey
InitiateSystemShutdownA
ControlService
GetSecurityInfoExA
RegEnumKeyExA
GetLengthSid
GetFileSecurityW
CloseServiceHandle
CryptAcquireContextW
GetAce
CryptGetDefaultProviderW
RegOpenKeyExW
GetOldestEventLogRecord
SetSecurityInfoExW
CryptVerifySignatureA
RegisterEventSourceW
CancelOverlappedAccess
OpenProcessToken
GetTrusteeNameA
CryptContextAddRef
AreAllAccessesGranted
IsValidSid
RegEnumKeyW
CryptImportKey
RegisterEventSourceA
BuildTrusteeWithNameA
LookupPrivilegeValueA
FreeSid
CryptHashData
RegEnumKeyA
RegEnumValueA
SetFileSecurityW
GetSecurityDescriptorOwner
CryptEnumProvidersW
BuildTrusteeWithSidA
GetServiceKeyNameW
BuildSecurityDescriptorA
GetSidLengthRequired
BuildTrusteeWithNameW
CryptSetHashParam
AllocateLocallyUniqueId
EnumServicesStatusA
RegQueryValueExA
LookupPrivilegeValueW
RegQueryMultipleValuesW
TrusteeAccessToObjectW
CryptGenKey
GetNamedSecurityInfoExW
QueryServiceConfigA
GetPrivateObjectSecurity
CreatePrivateObjectSecurity
BuildImpersonateExplicitAccessWithNameA
CryptSetProvParam
RegDeleteValueA
GetSecurityInfo
ReadEventLogA
GetMultipleTrusteeOperationA
LookupSecurityDescriptorPartsA
DuplicateToken
QueryServiceLockStatusW
GetExplicitEntriesFromAclW
GetSecurityDescriptorSacl
RegDeleteValueW
RegQueryInfoKeyW
CryptSetProviderA
DeleteAce
AddAccessDeniedAce
ConvertAccessToSecurityDescriptorW
SetServiceStatus
ObjectCloseAuditAlarmA
ObjectOpenAuditAlarmW
OpenEventLogA
RegSetValueA
OpenBackupEventLogA
user32
SetActiveWindow
MessageBoxW
SystemParametersInfoA
InsertMenuItemW
SetWindowsHookExA
MoveWindow
PostMessageW
GetGuiResources
ScreenToClient
DrawAnimatedRects
CreateMDIWindowW
SetWindowsHookA
CharUpperBuffA
DdeCreateDataHandle
GetDlgItemTextW
GetWindowContextHelpId
CharNextA
ShowCursor
GetMenuItemInfoA
LoadCursorFromFileA
InflateRect
GetMenuItemID
DdeDisconnectList
DrawTextExW
WindowFromPoint
BroadcastSystemMessageW
CopyIcon
SetWindowTextW
SetClipboardViewer
PackDDElParam
TranslateAccelerator
GetCaretBlinkTime
EnumDisplaySettingsA
EnumDisplayDevicesA
EndTask
GetMenuItemCount
CascadeChildWindows
SwitchDesktop
DdeInitializeA
GetPriorityClipboardFormat
GetMessagePos
ArrangeIconicWindows
SetDlgItemTextW
CreateCursor
TabbedTextOutA
DdeUnaccessData
DdeGetLastError
WinHelpW
GetWindowLongA
DestroyWindow
GetMenuInfo
CallMsgFilterW
GetActiveWindow
MonitorFromPoint
GetClassWord
LoadStringA
PostMessageA
UpdateWindow
DlgDirSelectComboBoxExA
CopyAcceleratorTableA
SetMessageExtraInfo
LoadImageA
OpenDesktopW
ClientToScreen
GetClipboardData
IsCharUpperW
RemovePropW
RemoveMenu
GetScrollBarInfo
VkKeyScanExA
TranslateAcceleratorW
GetCursorInfo
SetMenuContextHelpId
GetProcessWindowStation
EnableMenuItem
EnumThreadWindows
IsDialogMessage
DdeCreateStringHandleW
DrawFrame
SendDlgItemMessageA
GetClassLongW
DdeUninitialize
SetUserObjectInformationW
SetScrollInfo
SendIMEMessageExA
GetClassInfoExA
UnregisterHotKey
GetAsyncKeyState
SetForegroundWindow
DialogBoxParamW
SetWindowLongW
DrawTextExA
ChangeDisplaySettingsA
SendNotifyMessageA
DlgDirSelectComboBoxExW
BlockInput
RealGetWindowClass
CharNextW
FreeDDElParam
IsRectEmpty
DestroyIcon
GetDlgItemInt
DdeCreateStringHandleA
IntersectRect
GetSubMenu
CreateDialogParamA
GetKeyboardType
RegisterDeviceNotificationW
LoadMenuW
SetClassLongW
CreateIconFromResource
LoadCursorA
CopyRect
CloseWindowStation
GetForegroundWindow
SetClassWord
GetWindowLongW
GetDCEx
GetIconInfo
CreateIconFromResourceEx
DestroyCursor
AnyPopup
CopyImage
ToAscii
DragObject
SetWindowsHookExW
ole32
OleRegGetMiscStatus
EnableHookObject
OleCreateStaticFromData
GetHGlobalFromILockBytes
OleDoAutoConvert
OleMetafilePictFromIconAndLabel
IIDFromString
CoFileTimeToDosDateTime
CoRegisterSurrogate
CoCreateFreeThreadedMarshaler
WriteClassStm
OleCreateLink
PropVariantCopy
OleIsCurrentClipboard
CoGetObject
CoCreateInstance
GetDocumentBitStg
ReadClassStg
CoQueryAuthenticationServices
CreateObjrefMoniker
OleCreateEmbeddingHelper
OleCreateLinkFromData
CoGetInterfaceAndReleaseStream
StgOpenStorage
CoTaskMemFree
OleRun
OleQueryLinkFromData
StringFromGUID2
CreateBindCtx
RegisterDragDrop
OleInitialize
OleGetAutoConvert
CoGetCallContext
CoTreatAsClass
CoImpersonateClient
CoUninitialize
OleDraw
CreateDataCache
CoFreeAllLibraries
OleQueryCreateFromData
GetRunningObjectTable
StgSetTimes
OleLockRunning
DllDebugObjectRPCHook
OleBuildVersion
CoGetStandardMarshal
CoCopyProxy
CoFileTimeNow
UpdateDCOMSettings
OleRegEnumVerbs
CreateDataAdviseHolder
OleLoadFromStream
OleCreateDefaultHandler
OleCreateLinkToFileEx
CoGetTreatAsClass
CoMarshalInterface
CoGetCurrentLogicalThreadId
OleUninitialize
UtGetDvtd16Info
IsEqualGUID
OleCreateFromDataEx
CoDosDateTimeToFileTime
CoFreeUnusedLibraries
WriteStringStream
OleConvertIStorageToOLESTREAMEx
CoUnmarshalInterface
CoLockObjectExternal
StgOpenAsyncDocfileOnIFillLockBytes
OleCreateFromData
OleLoad
CoGetCurrentProcess
ReleaseStgMedium
OleCreateFromFile
StgCreateDocfileOnILockBytes
FreePropVariantArray
OleConvertIStorageToOLESTREAM
CoReleaseServerProcess
CoReleaseMarshalData
CoFreeLibrary
CoInitialize
StgGetIFillLockBytesOnFile
CoCreateGuid
OleRegGetUserType
CoSwitchCallContext
WriteFmtUserTypeStg
MonikerCommonPrefixWith
CoQueryReleaseObject
CoLoadLibrary
BindMoniker
CoUnmarshalHresult
CoGetMalloc
WriteClassStg
OleSave
StgIsStorageFile
CreateItemMoniker
ReadFmtUserTypeStg
UtConvertDvtd32toDvtd16
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoTaskMemRealloc
CoRegisterMallocSpy
CoBuildVersion
CoRegisterPSClsid
CoGetPSClsid
StgCreateDocfile
UtGetDvtd32Info
shlwapi
StrCmpNIA
UrlApplySchemeW
StrRStrIW
PathFindNextComponentA
StrCmpNA
SHDeleteEmptyKeyA
PathRelativePathToW
SHRegDeleteEmptyUSKeyW
PathParseIconLocationA
StrIsIntlEqualW
PathSetDlgItemPathA
PathIsRootA
PathIsContentTypeW
StrCSpnIW
PathRemoveExtensionW
PathUnmakeSystemFolderA
SHRegOpenUSKeyW
SHCopyKeyW
UrlHashW
SHDeleteKeyA
StrRetToBufA
UrlGetPartA
StrDupW
PathFindNextComponentW
SHAutoComplete
SHGetValueA
PathMakePrettyW
StrRStrIA
SHQueryInfoKeyW
ChrCmpIA
PathAppendA
PathBuildRootW
ColorAdjustLuma
PathIsPrefixA
PathSetDlgItemPathW
SHRegGetUSValueW
SHRegDuplicateHKey
PathUndecorateA
UrlGetLocationA
StrChrW
PathIsRelativeW
SHEnumKeyExA
UrlCanonicalizeA
PathStripToRootW
PathFindOnPathW
PathCanonicalizeW
PathRemoveArgsA
PathParseIconLocationW
UrlCreateFromPathA
PathRemoveBackslashW
StrRChrIW
PathUnmakeSystemFolderW
wnsprintfA
AssocQueryStringW
PathFindFileNameA
StrRChrIA
StrNCatW
StrFromTimeIntervalW
PathIsDirectoryW
StrFormatKBSizeA
PathGetDriveNumberW
PathAddExtensionA
UrlCombineW
UrlIsNoHistoryA
StrCSpnW
SHSkipJunction
PathMakeSystemFolderW
GetMenuPosFromID
PathRemoveExtensionA
PathRelativePathToA
SHOpenRegStreamW
StrRChrA
SHEnumValueW
PathCreateFromUrlA
SHQueryValueExA
PathUndecorateW
PathIsUNCA
StrIsIntlEqualA
PathBuildRootA
SHSetValueW
SHRegWriteUSValueW
SHEnumValueA
UrlEscapeW
PathRemoveBlanksW
PathIsPrefixW
SHRegDeleteUSValueA
SHRegOpenUSKeyA
UrlGetLocationW
PathCompactPathExW
StrCmpNW
PathMakeSystemFolderA
PathSearchAndQualifyW
StrRetToBufW
UrlCreateFromPathW
StrFormatKBSizeW
UrlHashA
UrlIsOpaqueA
SHRegDeleteEmptyUSKeyA
PathIsRootW
PathSkipRootW
SHQueryInfoKeyA
PathAddExtensionW
PathIsURLW
PathIsSystemFolderA
SHRegCreateUSKeyA
PathStripToRootA
SHRegQueryInfoUSKeyW
PathRemoveBackslashA
PathGetCharTypeW
PathAddBackslashA
PathAddBackslashW
PathRenameExtensionA
SHRegEnumUSKeyA
PathQuoteSpacesA
PathIsSystemFolderW
AssocQueryStringByKeyA
StrFormatByteSize64A
Sections
.text Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 95B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE