105f9263415bcea2e7f2e063aad8b720520f3b1844eb3377811f3a8c8f6b4847

Sharing

Copy URL Twitter E-mail

General

Target

105f9263415bcea2e7f2e063aad8b720520f3b1844eb3377811f3a8c8f6b4847
Size

504KB
MD5

4da87b1519e3c5e0889cd80be556150f
SHA1

d397966321470b53b4b70995845ef3a092cf41fc
SHA256

105f9263415bcea2e7f2e063aad8b720520f3b1844eb3377811f3a8c8f6b4847
SHA512

1dd50dcfeec3d31054489b0942fa090e31ac2d950f333cd3b7564b6c8cb84715dc1114b673a0863933dd61142808b0ea4a00fd4d021769a41cfb9138d707feb6
SSDEEP

12288:XIa41DdVubR5FxkJWIr1NF/0rRLc05TgWeAGGTjcO1Y5wK649o:XCYYr18RLZ5TuAGIjbY5wSO

Score

N/A

Malware Config

Signatures

Files

105f9263415bcea2e7f2e063aad8b720520f3b1844eb3377811f3a8c8f6b4847
.exe windows x86

598549b175679e3bf81f93f25f48b544

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

disksn

ord1

mfc42

ord3693
ord5789
ord5787
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6172
ord5873
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord6194
ord6021
ord4123
ord2380
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord616
ord3610
ord656
ord6242
ord2080
ord3495
ord3089
ord3797
ord4083
ord1842
ord2863
ord1175
ord3920
ord1233
ord3733
ord801
ord810
ord860
ord541
ord3398
ord4271
ord1642
ord2453
ord4125
ord6008
ord3287
ord2818
ord2764
ord3752
ord5710
ord4129
ord2784
ord940
ord6883
ord3297
ord2065
ord6143
ord3303
ord4202
ord3914
ord941
ord5683
ord922
ord924
ord2438
ord6270
ord4220
ord2584
ord3654
ord1644
ord2546
ord291
ord1176
ord2642
ord3092
ord2713
ord3138
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord3663
ord815
ord5572
ord2915
ord668
ord1980
ord2770
ord356
ord2621
ord617
ord5214
ord296
ord1134
ord1200
ord6877
ord926
ord1979
ord5442
ord665
ord5186
ord354
ord6385
ord693
ord2582
ord4402
ord3370
ord3640
ord2298
ord2295
ord2364
ord2370
ord2301
ord2567
ord4538
ord3996
ord939
ord2862
ord6888
ord6907
ord3998
ord3181
ord4058
ord2781
ord1669
ord2652
ord6334
ord6675
ord3301
ord3721
ord795
ord4287
ord2763
ord1858
ord4216
ord1859
ord1816
ord4204
ord5450
ord5834
ord6394
ord2841
ord2448
ord5440
ord6383
ord2044
ord2107
ord5583
ord2639
ord6378
ord6605
ord3790
ord1768
ord4278
ord3318
ord1803
ord1158
ord4047
ord2152
ord4023
ord6283
ord6282
ord703
ord2454
ord3508
ord403
ord2803
ord5773
ord2455
ord2614
ord2919
ord1997
ord6407
ord798
ord5194
ord533
ord5628
ord909
ord4185
ord394
ord696
ord3643
ord1817
ord1928
ord1865
ord1864
ord1945
ord2867
ord3903
ord5782
ord5768
ord1270
ord1232
ord6119
ord4317
ord3626
ord3706
ord384
ord818
ord686
ord3742
ord519
ord6389
ord2461
ord786
ord1168
ord4710
ord537
ord6134
ord4234
ord2302
ord825
ord567
ord3708
ord4424
ord3402
ord5290
ord1776
ord6055
ord324
ord641
ord781
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord472
ord5788
ord4297
ord4133
ord283
ord6197
ord1088
ord6358
ord4160
ord2122
ord1146
ord5981
ord5053
ord2405
ord4284
ord2575
ord556
ord609
ord809
ord3574
ord4396
ord6453
ord289
ord613
ord2859
ord2379
ord470
ord755
ord4275
ord6215
ord1153
ord4299
ord2452
ord562
ord816
ord540
ord3874
ord5875
ord3573
ord6880
ord2714
ord2754
ord5781
ord2864
ord3619
ord3744
ord6442
ord6199
ord2860
ord2096
ord2408
ord5785
ord1641
ord3571
ord823
ord323
ord1640
ord2450
ord2753
ord6157
ord640
ord535
ord2358
ord2414
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord5265
ord4277
ord858
ord800
ord561
ord1576

msvcrt

_initterm
_setmbcp
__CxxFrameHandler
abs
memset
strlen
_ftol
_mbsnbcpy
_mbscmp
memcpy
_mbsicmp
_mkdir
strcpy
free
malloc
_CxxThrowException
wcscmp
_splitpath
toupper
pow
floor
fread
fclose
_fsopen
fseek
_fcvt
vsprintf
sqrt
fabs
sscanf
memcmp
strcmp
sprintf
isprint
isspace
tolower
isalnum
strstr
strncmp
log
strchr
_ismbcspace
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
strncpy
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

kernel32

lstrcmpiA
MulDiv
SetPriorityClass
DeviceIoControl
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CreateFileA
GetFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GlobalFree
GetCurrentProcessId
QueryPerformanceFrequency
QueryPerformanceCounter
FormatMessageA
GetTickCount
GetTempPathA
GetTempFileNameA
lstrcmpA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
SizeofResource
MultiByteToWideChar
lstrcpyA
CreateThread
LocalAlloc
LocalLock
LocalUnlock
LocalFree
WaitForSingleObject
GetExitCodeProcess
CreateMutexA
GetLastError
CloseHandle
LoadLibraryA
FreeLibrary
GetModuleFileNameA
VerSetConditionMask
VerifyVersionInfoA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetFileAttributesA
OutputDebugStringA
GetDriveTypeA
WideCharToMultiByte
lstrlenW
Sleep
lstrlenA
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
lstrcpynA
GetModuleHandleA
GetProcAddress
GetVersionExA
FindResourceA
LoadResource
LockResource
FreeResource
GetStartupInfoA

user32

GetClipboardData
CharLowerA
GetMenuItemInfoA
GetClassNameA
SetMenuItemInfoA
IsMenu
GetSystemMenu
GetMenuItemRect
GetForegroundWindow
DefWindowProcA
TrackMouseEvent
SetWindowPos
MessageBoxA
GetClassInfoExA
FindWindowA
CreateWindowExA
DestroyWindow
ShowWindow
MoveWindow
GetWindowRgn
GetNextDlgGroupItem
GetMenuStringA
DeleteMenu
EnableMenuItem
SetMenuDefaultItem
GetClassInfoA
GetMenuState
MapWindowPoints
SetClassLongA
LoadImageA
GetDC
ReleaseDC
DrawIconEx
GetSysColor
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
OpenClipboard
EmptyClipboard
RegisterClipboardFormatA
SetClipboardData
CloseClipboard
SendMessageA
InvalidateRect
GetClientRect
EnableWindow
IsWindowVisible
PeekMessageA
TranslateMessage
RemoveMenu
GetDesktopWindow
LoadIconA
GetClassLongA
UnionRect
GetWindowDC
LoadBitmapA
IsZoomed
GetMenu
CallWindowProcA
IsWindow
GetPropA
SetPropA
SetWindowLongA
RemovePropA
ValidateRect
GetFocus
GetKeyState
GetWindow
GrayStringA
DrawTextA
TabbedTextOutA
GetWindowTextA
SetRect
FrameRect
LoadMenuA
CreateIconIndirect
FillRect
DrawStateA
DrawFocusRect
GetSubMenu
TrackPopupMenuEx
WindowFromPoint
GetActiveWindow
SetCursor
GetParent
GetNextDlgTabItem
GetWindowLongA
DestroyCursor
DestroyMenu
PostMessageA
CallNextHookEx
InflateRect
wsprintfA
SetForegroundWindow
GetLastActivePopup
EnumDisplaySettingsA
GetMessageA
GetDlgCtrlID
GetMenuItemID
GetMenuItemCount
CheckMenuRadioItem
UpdateWindow
DrawIcon
EqualRect
PtInRect
UnhookWindowsHookEx
SetWindowsHookExA
ReleaseCapture
LoadCursorA
GetSysColorBrush
RegisterClassExA
RedrawWindow
SetWindowRgn
SetRectEmpty
DrawFrameControl
DestroyIcon
AppendMenuA
CreatePopupMenu
AdjustWindowRect
RegisterWindowMessageA
DispatchMessageA
ScreenToClient
SetTimer
KillTimer
GetCursorPos
GetCapture
SetCapture
ClientToScreen
IsRectEmpty
CopyRect
GetIconInfo

gdi32

SetBkColor
SelectObject
CreateBitmap
SetPixel
GetPixel
CreatePen
RoundRect
GetTextExtentPoint32A
GetBkColor
GetMapMode
GetViewportExtEx
GetWindowExtEx
DPtoLP
LPtoDP
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
BitBlt
CreateDiscardableBitmap
GetDeviceCaps
CreateDIBSection
GetCurrentObject
GetTextColor
SetStretchBltMode
SetTextColor
Ellipse
CreateRectRgnIndirect
CreateCompatibleDC
FillRgn
PtInRegion
GetDIBits
RealizePalette
SelectPalette
CreateDCA
GetRgnBox
ExtCreateRegion
SetPixelV
EnumFontFamiliesExA
CreateFontA
EqualRgn
CombineRgn
CreateRoundRectRgn
CreatePolygonRgn
CreateRectRgn
FrameRgn
OffsetRgn
CreateSolidBrush
CreateFontIndirectA
GetStockObject
GetObjectA
DeleteObject
GetTextMetricsA
DeleteDC
CreateCompatibleBitmap
GetClipBox
Rectangle
GetDCOrgEx
StretchBlt

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA

shell32

SHGetSpecialFolderLocation
SHFileOperationA
SHGetSpecialFolderPathA
SHGetDataFromIDListA
SHGetPathFromIDListA
ShellExecuteA
SHGetFileInfoA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteExA

comctl32

ImageList_GetIconSize
ImageList_GetIcon
ImageList_Draw
ImageList_Add
ImageList_AddMasked
ImageList_SetBkColor
_TrackMouseEvent
ImageList_Remove
ImageList_Replace
ImageList_GetImageCount
ImageList_SetImageCount

ole32

StringFromCLSID
CoTaskMemFree
CreateStreamOnHGlobal

gdiplus

GdipDrawLine
GdipDrawArc
GdipDrawPath
GdipFillPath
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageThumbnail
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipSaveImageToFile
GdipSaveImageToStream
GdipReleaseDC
GdipSetPageUnit
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipDrawImagePointsI
GdipDrawImagePointsRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSetPenWidth
GdipDrawEllipseI
GdipBeginContainer2
GdipEndContainer
GdiplusStartup
GdiplusShutdown
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateLineBrush
GdipSetLineWrapMode
GdipStringFormatGetGenericTypographic
GdipAddPathString
GdipSetTextRenderingHint
GdipCreateFont
GdipDeleteFont
GdipGetFontStyle
GdipDeleteGraphics
GdipCreateFromHDC
GdipAddPathArc
GdipClosePathFigures
GdipDeletePath
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipSetSmoothingMode

msvcp60

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0_Lockit@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??1_Lockit@std@@QAE@XZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

shlwapi

PathFileExistsA

skinframework

ord1
ord9
ord2

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 372KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

598549b175679e3bf81f93f25f48b544

Headers

File Characteristics

Imports

msimg32

disksn

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

gdiplus

msvcp60

shlwapi

skinframework

iphlpapi

Sections

.text Size: 372KB - Virtual size: 370KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 64KB - Virtual size: 60KB

.text
Size: 372KB - Virtual size: 370KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 64KB - Virtual size: 60KB