Static task: static1
Behavioral task: behavioral1
Sample: 573957e42c6defeb0a4d2298e52d25944caad4027e838a9421f2dc13604af945.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 573957e42c6defeb0a4d2298e52d25944caad4027e838a9421f2dc13604af945.exe
Resource: win10v2004-20220901-en
General
Target: 573957e42c6defeb0a4d2298e52d25944caad4027e838a9421f2dc13604af945
Size: 923KB
MD5: 4064809517e3934129c5214191b80891
SHA1: 328e1e0d7fdf193a1c99cfedce50668b2d20f9f2
SHA256: 573957e42c6defeb0a4d2298e52d25944caad4027e838a9421f2dc13604af945
SHA512: 43a6738c34d38a19fe7a39958ac215477f13116b87b8351771509467caa0c231b3c4456996749ff7607953d1050badc2c391f4a857fb84eeecf0a44fb81cef75
SSDEEP: 12288:gXNkxzwnU4OtE4iZoeGx4JsX+XuQ8Bd43VTc9VHZ8QEUEZMS7TIbf6csDl:gXNmO4iueGxr2uQK4RYVHZ8QEj7+Zal
Malware Config
Signatures
Files
573957e42c6defeb0a4d2298e52d25944caad4027e838a9421f2dc13604af945.exe (windows x86)
Import hash (imphash): 54965c8d37f27b801d8681221c43f97f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports (groups worth noting when triaging this list: CreateToolhelp32Snapshot/Process32First/Process32Next enumerate running processes; SetWindowsHookExA/CallNextHookEx/UnhookWindowsHookEx install Windows hooks; FindResourceA/LoadResource/SizeofResource/LockResource together with CreateFileA/WriteFile/CopyFileA/DeleteFileA allow embedded resources to be written to disk; RegCreateKeyA/RegCreateKeyExA/RegSetValueExA/RegDeleteKeyA write the registry; ShellExecuteA/ShellExecuteExA launch other programs. The broad user32/gdi32/ole32/oleaut32 surface, GlobalAddAtomA/GlobalFindAtomA, CoRegisterMessageFilter and the olepro32/oledlg ordinal imports are consistent with a statically linked MFC GUI program, so the import table on its own does not establish malicious intent)
kernel32
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
GetProfileStringA
CreateToolhelp32Snapshot
Process32First
Process32Next
FindNextFileA
CreateDirectoryA
GetDriveTypeA
GetSystemDirectoryA
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetACP
HeapReAlloc
HeapSize
TerminateProcess
HeapAlloc
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
RtlUnwind
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
WaitForSingleObject
GlobalAlloc
GetCurrentThread
FormatMessageA
LocalFree
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GlobalFree
lstrcpynA
WideCharToMultiByte
InterlockedIncrement
GlobalLock
GlobalUnlock
MulDiv
SetLastError
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
MultiByteToWideChar
InterlockedDecrement
GetLastError
FindResourceA
LoadResource
SizeofResource
LockResource
CreateFileA
WriteFile
CloseHandle
CopyFileA
DeleteFileA
lstrcpyA
GetModuleFileNameA
lstrlenA
user32
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
RegisterClassA
GetMenu
GetMenuItemCount
DrawTextA
GrayStringA
GetCursorPos
LoadStringA
DestroyMenu
IsDialogMessageA
GetMenuItemID
CreateDialogIndirectParamA
GetWindowTextLengthA
EndPaint
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetWindowTextA
MoveWindow
ShowWindow
IsWindowEnabled
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
GetWindowDC
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
GetClassInfoA
BeginPaint
DestroyCursor
DestroyIcon
GetWindowLongA
SendMessageA
GetNextDlgTabItem
GetParent
SetCursor
InvalidateRect
GetActiveWindow
WindowFromPoint
ClientToScreen
PostMessageA
TrackPopupMenuEx
GetSubMenu
GetWindowRect
DrawFocusRect
InflateRect
CopyRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
GetClientRect
OffsetRect
GetWindowTextA
TabbedTextOutA
EndDialog
PostQuitMessage
GetNextDlgGroupItem
ValidateRect
TranslateMessage
GetMessageA
SetWindowContextHelpId
MapDialogRect
CharUpperA
GetClassNameA
GetDesktopWindow
GetSysColorBrush
CharNextA
CopyAcceleratorTableA
SetRect
PostThreadMessageA
RegisterClipboardFormatA
GetDlgItem
DrawStateA
FillRect
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetSysColor
ReleaseDC
LoadCursorA
CopyIcon
GetMessagePos
ScreenToClient
KillTimer
MessageBeep
SetTimer
MessageBoxA
GetSystemMenu
AppendMenuA
LoadIconA
PtInRect
LoadBitmapA
EnableWindow
FrameRect
GetDC
gdi32
MoveToEx
LineTo
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
CreatePatternBrush
PtVisible
ScaleViewportExtEx
TextOutA
ExtTextOutA
Escape
GetMapMode
IntersectClipRect
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
GetTextColor
GetBkColor
LPtoDP
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
CreateFontIndirectA
CreateSolidBrush
GetObjectA
CreateBitmap
SelectObject
SetBkColor
SetTextColor
DeleteDC
BitBlt
CreateCompatibleDC
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
PatBlt
CreateRoundRectRgn
StretchBlt
GetCurrentObject
GetTextExtentPointA
CreateDIBitmap
CreateCompatibleBitmap
GetStockObject
RectVisible
GetClipBox
DeleteObject
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegDeleteKeyA
RegQueryValueA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCloseKey
shell32
ShellExecuteA
ExtractIconA
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA
SHGetSpecialFolderPathA
comctl32
ImageList_Draw
ord17
ImageList_Destroy
ImageList_Create
_TrackMouseEvent
ImageList_AddMasked
oledlg
ord8
ole32
CoInitialize
CoUninitialize
CoCreateGuid
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleRun
olepro32
ord253
oleaut32
SysStringLen
SysAllocString
VariantChangeType
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
SafeArrayCreate
SafeArrayPutElement
VariantInit
VariantCopy
SysStringByteLen
SysAllocStringByteLen
SafeArrayDestroy
GetErrorInfo
VariantClear
winmm
PlaySoundA
cps (not a Windows system library: the sample only loads if a module named cps exporting the Ra* functions below is shipped with it or dropped at runtime; its presence in the behavioral tasks' file-system activity is worth checking)
RaSetRoot
RaGetFilesCount
RaResetPointer
RaWriteNextFile
RaClose
RaOpen
msimg32
AlphaBlend
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
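The 32-character value in the Files entry is assumed here to be the report's import hash (imphash), which is computed over the import table in exactly the order listed above. The following Python is an added example, not taken from the report or from any analysis tool; it reproduces the canonicalization that the widely used pefile get_imphash() applies (module name lower-cased with .dll/.ocx/.sys stripped, function names lower-cased, ordinal-only imports as ordN, comma-joined, then MD5). IMPORTS_SUBSET is a constructed subset of the table above, so its hash will not equal the reported value; the full list in the same shape and the same order is needed for that. The reference implementation also maps ordinals back to names for a few modules (oleaut32, ws2_32), which this version deliberately omits.

```python
import hashlib

# Constructed subset of the import table listed above, kept in report order.
# Module names are written as the report prints them (".dll" already stripped,
# "winspool.drv" kept whole); ordinal-only imports appear as "ordN".
IMPORTS_SUBSET = [
    ("kernel32", ["CreateToolhelp32Snapshot", "Process32First", "Process32Next",
                  "FindResourceA", "LoadResource", "LockResource",
                  "CreateFileA", "WriteFile"]),
    ("user32", ["SetWindowsHookExA", "CallNextHookEx"]),
    ("winspool.drv", ["OpenPrinterA", "DocumentPropertiesA", "ClosePrinter"]),
    ("comctl32", ["ImageList_Draw", "ord17", "ImageList_Destroy"]),
    ("oledlg", ["ord8"]),
    ("cps", ["RaSetRoot", "RaGetFilesCount", "RaResetPointer",
             "RaWriteNextFile", "RaClose", "RaOpen"]),
]

# Only these extensions are dropped from the module name; anything else
# (.drv, .exe, or no extension at all) is left in place.
_STRIPPED_EXTENSIONS = ("dll", "ocx", "sys")


def normalize_dll(name: str) -> str:
    """Lower-case a module name and strip a trailing .dll/.ocx/.sys."""
    name = name.lower()
    base, sep, ext = name.rpartition(".")
    if sep and ext in _STRIPPED_EXTENSIONS:
        return base
    return name


def imphash_string(imports) -> str:
    """Build the comma-joined 'module.function' string the hash is taken over.

    The order is the binary's import-table order, which is why two builds that
    link the same functions in a different order get different hashes.  Ordinal
    imports stay as 'ordN' here; pefile additionally resolves ordinals of a few
    modules (oleaut32, ws2_32) to names before hashing.
    """
    parts = []
    for dll, funcs in imports:
        lib = normalize_dll(dll)
        for func in funcs:
            parts.append(f"{lib}.{func.lower()}")
    return ",".join(parts)


def imphash(imports) -> str:
    """MD5 hex digest of the canonical import string."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


if __name__ == "__main__":
    print(imphash_string(IMPORTS_SUBSET))
    print(imphash(IMPORTS_SUBSET))
```

Because the hash covers order as well as content, an imphash pivot finds binaries built from the same linker input (here the same MFC build plus the cps module), not merely binaries that import the same APIs.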
Sections
.text Size: 288KB - Virtual size: 285KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14.4MB - Virtual size: 14.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Note: the .rsrc header declares 14.4MB of raw data, but the sample as submitted is 923KB in total and the three preceding sections already account for roughly 388KB of that. The section table is therefore inconsistent with the file on disk (either a truncated upload or a deliberately oversized SizeOfRawData). Resource extraction and any static tooling that trusts SizeOfRawData should be read with this in mind, and the untruncated file should be obtained before drawing conclusions from the resource section.
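The following Python is an added example, not part of the sandbox report, showing how the header facts above are read from the raw bytes and how the .rsrc size mismatch is detected: it parses the COFF header and section table, decodes the IMAGE_FILE_* and IMAGE_SCN_* flags, and flags any section whose PointerToRawData + SizeOfRawData runs past the end of the file. The field offsets, struct layouts and flag values are the standard PE format; the sample image returned by build_sample_pe() is constructed inline to mirror the shape of this report (the five file characteristics listed, an executable .text, a .rsrc whose header claims about 14.4MB while only 0x200 bytes follow it) and is not the analysed binary. The function names are this example's own.

```python
import struct

# IMAGE_FILE_* bits from the COFF header Characteristics field (winnt.h values).
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}

# IMAGE_SCN_* bits from each section header's Characteristics field.
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}

# Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable, NumberOfSymbols,
# SizeOfOptionalHeader, Characteristics
COFF_HEADER = "<HHIIIHH"
# Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData, PointerToRelocations,
# PointerToLinenumbers, NumberOfRelocations, NumberOfLinenumbers, Characteristics
SECTION_HEADER = "<8sIIIIIIHHI"


def decode_flags(value: int, table: dict) -> list:
    """Names of the bits set in value, in ascending bit order."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Parse the COFF header and section table of a PE image held in memory."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from(COFF_HEADER, data, e_lfanew + 4)
    table_off = e_lfanew + 4 + struct.calcsize(COFF_HEADER) + opt_size
    sections = []
    for i in range(nsections):
        fields = struct.unpack_from(SECTION_HEADER, data, table_off + i * struct.calcsize(SECTION_HEADER))
        name = fields[0].rstrip(b"\0").decode("ascii", "replace")
        vsize, _vaddr, raw_size, raw_ptr = fields[1:5]
        sections.append({
            "name": name,
            "virtual_size": vsize,
            "raw_size": raw_size,
            "raw_ptr": raw_ptr,
            "flags": decode_flags(fields[9], SECTION_CHARACTERISTICS),
            # True when the header promises more on-disk bytes than the file holds.
            "raw_overflow": raw_ptr + raw_size > len(data),
        })
    return {"machine": machine, "file_flags": decode_flags(chars, FILE_CHARACTERISTICS), "sections": sections}


def inconsistent_sections(info: dict) -> list:
    """Names of sections whose declared raw extent runs past the end of the file."""
    return [s["name"] for s in info["sections"] if s["raw_overflow"]]


def build_sample_pe() -> bytes:
    """Constructed two-section x86 image (not the analysed sample): the .rsrc header
    claims ~14.4MB of raw data but only 0x200 bytes follow it.  The optional header
    is zero-filled apart from the PE32 magic; this parser does not read it."""
    e_lfanew, opt_size = 0x40, 0xE0
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    chars = 0x0001 | 0x0002 | 0x0004 | 0x0008 | 0x0100      # the five flags listed in the report
    coff = struct.pack(COFF_HEADER, 0x14C, 2, 0, 0, 0, opt_size, chars)
    optional = struct.pack("<H", 0x10B) + b"\0" * (opt_size - 2)
    text = struct.pack(SECTION_HEADER, b".text", 0x200, 0x1000, 0x200, 0x400, 0, 0, 0, 0, 0x60000020)
    rsrc = struct.pack(SECTION_HEADER, b".rsrc", 0xE66000, 0x2000, 0xE66000, 0x600, 0, 0, 0, 0, 0x40000040)
    headers = (dos + b"PE\0\0" + coff + optional + text + rsrc).ljust(0x400, b"\0")
    return headers + b"\xCC" * 0x200 + b"\0" * 0x200       # .text present, .rsrc truncated


if __name__ == "__main__":
    info = parse_pe(build_sample_pe())
    print("file flags:", ", ".join(info["file_flags"]))
    for s in info["sections"]:
        print(f'{s["name"]:8} raw={s["raw_size"]:#x} virt={s["virtual_size"]:#x} overflow={s["raw_overflow"]}')
    print("sections overrunning the file:", inconsistent_sections(info))
```

Run against the real sample with parse_pe(open(path, "rb").read()), the same raw_overflow check is what turns the 14.4MB .rsrc figure above from a curiosity into a concrete finding: the header describes more data than the submitted file contains.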