0a35c86e1d0bb2dfefaaacfe1c5ab01572860b08a57884d1981311918e120449

Sharing

Copy URL Twitter E-mail

General

Target

0a35c86e1d0bb2dfefaaacfe1c5ab01572860b08a57884d1981311918e120449
Size

1.8MB
MD5

c58b6467df05ee14aaf97d40c7a13d33
SHA1

9206e05b21d0e1a22ffbf3bf3f8ad6fc437a59d1
SHA256

0a35c86e1d0bb2dfefaaacfe1c5ab01572860b08a57884d1981311918e120449
SHA512

57c6ccabaf69a2ed3803bded312a7e5ca7636ded11ca8df2806975ae66378242e7c9f4a21faf25e5e4a48a939e4ebc9c6cf6b83eb7041034083cb0f1913711eb
SSDEEP

24576:9nffc4yVKOC6u2LieMp+yVzxq3ps4h0erP3VFWVoZAEa:9nffsVKf6lMVq364KerVFMoZAx

Score

N/A

Malware Config

Signatures

Files

0a35c86e1d0bb2dfefaaacfe1c5ab01572860b08a57884d1981311918e120449
.exe windows x86

cf96691668c5f3f270e718a9da6149ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

GlobalLock
SetLastError
FreeLibrary
SizeofResource
LoadResource
LoadLibraryExA
GlobalFree
GlobalHandle
LockResource
GetCommandLineA
FindResourceW
GetThreadLocale
CreateFileA
lstrcpynA
lstrcatA
CreateEventA
GetTickCount
GetCurrentProcessId
GetUserDefaultUILanguage
GetShortPathNameA
GetSystemDirectoryA
WriteFile
ExitProcess
LocalAlloc
FormatMessageA
LoadLibraryA
Process32Next
Process32First
CreateToolhelp32Snapshot
MoveFileA
InterlockedExchange
QueryPerformanceCounter
QueryPerformanceFrequency
SetEvent
ResetEvent
SetDllDirectoryA
OpenProcess
GetWindowsDirectoryA
GetEnvironmentVariableA
FindClose
FindFirstFileA
GetLocaleInfoA
Sleep
GetLocalTime
FormatMessageW
MoveFileExA
SetFilePointer
SetEnvironmentVariableA
CompareStringW
GetTimeZoneInformation
FlushFileBuffers
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetFullPathNameA
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFileInformationByHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEndOfFile
SetHandleCount
SetStdHandle
GetStringTypeW
GlobalUnlock
LoadLibraryW
SetConsoleCtrlHandler
FatalAppExitA
HeapReAlloc
HeapDestroy
HeapCreate
HeapSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsValidCodePage
GetOEMCP
LeaveCriticalSection
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
LCMapStringW
GetFullPathNameW
FindFirstFileExW
GetDriveTypeW
FileTimeToLocalFileTime
DeleteFileW
CreateDirectoryW
RemoveDirectoryW
CreateFileW
CreateThread
ExitThread
GetStartupInfoW
HeapSetInformation
GetConsoleMode
GetConsoleCP
GetModuleFileNameW
GetStdHandle
GetFileType
WriteConsoleW
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualProtect
RtlUnwind
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
InitializeCriticalSection
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
GetTempPathW
GetSystemTime
GetTempFileNameW
ReleaseMutex
CreateMutexA
OpenThread
GetExitCodeThread
OpenFileMappingA
CreateFileMappingA
GetModuleFileNameA
MulDiv
IsDBCSLeadByte
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
lstrlenW
WideCharToMultiByte
lstrcmpA
lstrcpyA
lstrcmpiA
FindResourceA
GlobalAlloc
FlushInstructionCache
DeleteCriticalSection
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
DeleteFileA
RemoveDirectoryA
CreateProcessA
TerminateProcess
GetExitCodeProcess
PeekNamedPipe
ReadFile
CreatePipe
SetHandleInformation
CloseHandle
WaitForSingleObject
MultiByteToWideChar
GetFileAttributesA
GetSystemWow64DirectoryA
GetTempPathA
GetVersionExA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GetNativeSystemInfo
FileTimeToSystemTime
SystemTimeToFileTime
GetLastError
LocalFree
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
EnterCriticalSection
RaiseException
CreateDirectoryA
GetACP
lstrlenA

user32

SetWindowLongA
MsgWaitForMultipleObjectsEx
UnregisterClassA
CharNextA
DefWindowProcA
GetSysColor
MoveWindow
SetWindowPos
GetClientRect
ClientToScreen
GetWindowLongA
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
IsWindowUnicode
SetCapture
IsChild
GetParent
GetDlgItem
GetClassNameA
ReleaseCapture
DestroyWindow
ScreenToClient
wsprintfA
FillRect
CallWindowProcA
GetMessageW
GetMessageA
TranslateMessage
EndPaint
BeginPaint
DestroyAcceleratorTable
SetFocus
GetWindow
GetFocus
GetDesktopWindow
SendMessageA
IsWindow
GetClassInfoExA
LoadCursorA
RegisterClassExA
CreateWindowExA
CreateAcceleratorTableA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
RegisterWindowMessageA
DialogBoxIndirectParamA
CreateDialogIndirectParamA
DispatchMessageW
DispatchMessageA
PeekMessageA
LoadStringA
RedrawWindow
DrawTextW
GetWindowTextW
SetWindowTextW
GetActiveWindow
MapWindowPoints
EnumWindows
GetWindowThreadProcessId
PostMessageA
EnableMenuItem
LoadImageA
GetSystemMenu
IsWindowVisible
GetCursorPos
GetWindowRect
PtInRect
SetCursor
ShowWindow
SetForegroundWindow
GetTopWindow
IsDlgButtonChecked
CheckDlgButton
MapDialogRect
SetWindowContextHelpId
EndDialog
GetDlgCtrlID
LoadBitmapA
EnableWindow
MessageBoxA

gdi32

CreateDIBSection
SetDIBColorTable
SetTextColor
SetBkMode
StretchBlt
GetStockObject
GetObjectA
CreateSolidBrush
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
GetDeviceCaps
CreateFontIndirectA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyA
RegOpenCurrentUser
RegOpenKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegQueryInfoKeyW
RegDeleteKeyA
RegEnumValueA
RegEnumKeyExA
RegSetValueExA
RegDeleteKeyExA
RegDeleteValueA
RegQueryValueExA
RegCloseKey

shell32

SHGetFolderLocation
SHGetFolderPathW
FindExecutableA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFolderPathA

ole32

CoCreateInstance
CoUninitialize
StringFromCLSID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoCreateGuid

oleaut32

VariantInit
VarUI4FromStr
SysAllocString
SysAllocStringLen
SysStringLen
SysFreeString
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VariantClear

urlmon

URLDownloadToFileA

wintrust

WinVerifyTrust

wininet

HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetErrorDlg
InternetOpenA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetTimeFromSystemTime
InternetTimeToSystemTime
InternetCrackUrlA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW

shlwapi

SHDeleteKeyA
PathAppendA

crypt32

CryptProtectData
CryptBinaryToStringA
CryptStringToBinaryA
CryptUnprotectData

gdiplus

GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage

rpcrt4

UuidToStringA
RpcStringFreeA

Sections

.text
Size: 595KB - Virtual size: 594KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28.9MB - Virtual size: 28.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf96691668c5f3f270e718a9da6149ff

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

urlmon

wintrust

wininet

version

shlwapi

crypt32

gdiplus

rpcrt4

Sections

.text Size: 595KB - Virtual size: 594KB

.rdata Size: 135KB - Virtual size: 134KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 28.9MB - Virtual size: 28.9MB

.reloc Size: 106KB - Virtual size: 105KB

.text
Size: 595KB - Virtual size: 594KB

.rdata
Size: 135KB - Virtual size: 134KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 28.9MB - Virtual size: 28.9MB

.reloc
Size: 106KB - Virtual size: 105KB