Static task: static1
Behavioral task: behavioral1
  Sample: 9c99837e95087c3a8ec752f4acf901d66a0a9b07233c500c26b8a01a628c7afb.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 9c99837e95087c3a8ec752f4acf901d66a0a9b07233c500c26b8a01a628c7afb.exe
  Resource: win10v2004-20220901-en
General
- Target: 9c99837e95087c3a8ec752f4acf901d66a0a9b07233c500c26b8a01a628c7afb
- Size: 2.2MB
- MD5: e464fa4a0b0a7e973cac575ac66e011f
- SHA1: 55e225d5265559e32cde23a5793683a9f84926ac
- SHA256: 9c99837e95087c3a8ec752f4acf901d66a0a9b07233c500c26b8a01a628c7afb
- SHA512: 034071a08dce68d5913d37ed620cd355d8c997be2a44a4d837419746511b8ad4efbe92a242c09f57d73a847ed0deea32cd061c724b7099e080f27aa1d02b7958
- SSDEEP: 49152:dRoeR+aFrQMWU1DyfqSc1XwQJgkLpajH46:oaFrQMltkqtlZgH
Malware Config
Signatures
Files
- 9c99837e95087c3a8ec752f4acf901d66a0a9b07233c500c26b8a01a628c7afb.exe windows x86
  531286aee354a8f940d8f0d413a5b16e
Headers
  File Characteristics
    IMAGE_FILE_RELOCS_STRIPPED
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_LINE_NUMS_STRIPPED
    IMAGE_FILE_LOCAL_SYMS_STRIPPED
    IMAGE_FILE_32BIT_MACHINE
Imports
  msimg32
    TransparentBlt
    GradientFill
  netapi32
    Netbios
  kernel32
    HeapSize
    LCMapStringA
    LCMapStringW
    SetUnhandledExceptionFilter
    GetEnvironmentVariableA
    GetVersionExA
    HeapDestroy
    HeapCreate
    VirtualFree
    VirtualAlloc
    IsBadWritePtr
    GetStringTypeA
    GetStringTypeW
    UnhandledExceptionFilter
    FreeEnvironmentStringsA
    FreeEnvironmentStringsW
    HeapReAlloc
    GetEnvironmentStringsW
    SetHandleCount
    GetStdHandle
    GetFileType
    GetDriveTypeA
    IsBadReadPtr
    IsBadCodePtr
    SetStdHandle
    IsValidLocale
    IsValidCodePage
    GetLocaleInfoA
    EnumSystemLocalesA
    GetUserDefaultLCID
    CompareStringA
    CompareStringW
    SetEnvironmentVariableA
    GetLocaleInfoW
    GetACP
    GetLocalTime
    GetProfileStringA
    InterlockedExchange
    WritePrivateProfileStringA
    CloseHandle
    TerminateProcess
    OpenProcess
    GetSystemTime
    GetTimeZoneInformation
    ExitProcess
    GetCommandLineA
    ExitThread
    HeapAlloc
    HeapFree
    RaiseException
    RtlUnwind
    GetCurrentDirectoryA
    SetErrorMode
    GetOEMCP
    GetCPInfo
    GetProcessVersion
    TlsGetValue
    LocalReAlloc
    TlsSetValue
    TlsFree
    GlobalHandle
    TlsAlloc
    GlobalFlags
    GetCurrentThread
    GetFileTime
    GetFileAttributesA
    GetThreadLocale
    GetFullPathNameA
    GetVolumeInformationA
    FlushFileBuffers
    WriteFile
    CreateFileA
    DuplicateHandle
    lstrcpynA
    FileTimeToLocalFileTime
    SetLastError
    lstrcmpA
    InterlockedIncrement
    GlobalGetAtomNameA
    lstrcmpiA
    GlobalAddAtomA
    GlobalFindAtomA
    GlobalDeleteAtom
    GetSystemInfo
    GetCurrentThreadId
    SetEvent
    ResetEvent
    ResumeThread
    CreateEventA
    GetShortPathNameA
    DeleteCriticalSection
    InitializeCriticalSection
    EnterCriticalSection
    LeaveCriticalSection
    CreatePipe
    ReadFile
    MoveFileA
    GetExitCodeProcess
    GetModuleHandleA
    GetCurrentProcess
    GetDiskFreeSpaceExA
    FileTimeToSystemTime
    GlobalMemoryStatus
    CreateToolhelp32Snapshot
    Process32First
    GetCurrentProcessId
    Process32Next
    FindFirstFileA
    FindNextFileA
    FindClose
    GetVersion
    SetFileAttributesA
    RemoveDirectoryA
    GetPrivateProfileStringA
    GetTempPathA
    FormatMessageA
    LocalAlloc
    LocalFree
    GetTickCount
    lstrcatA
    WinExec
    lstrcpyA
    GetPrivateProfileIntA
    GetFileSize
    SetEndOfFile
    UnlockFile
    LockFile
    SetFilePointer
    GetLastError
    GlobalReAlloc
    GlobalFree
    MulDiv
    FindResourceA
    LoadResource
    LockResource
    SizeofResource
    GlobalAlloc
    GlobalLock
    GlobalUnlock
    lstrlenA
    WaitForSingleObject
    ReleaseMutex
    CreateMutexA
    InterlockedDecrement
    GetModuleFileNameA
    CreateThread
    CreateDirectoryA
    LoadLibraryA
    GetProcAddress
    FreeLibrary
    GetStartupInfoA
    CopyFileA
    DeleteFileA
    CreateProcessA
    Sleep
    MultiByteToWideChar
    WideCharToMultiByte
    GetEnvironmentStrings
  user32
    GetMenuCheckMarkDimensions
    GetMenuState
    SetMenuItemBitmaps
    CheckMenuItem
    SetWindowTextA
    IsDialogMessageA
    SetDlgItemTextA
    GetDlgItemTextA
    SendDlgItemMessageA
    PeekMessageA
    DispatchMessageA
    AdjustWindowRectEx
    GetScrollInfo
    GetTopWindow
    MessageBoxA
    IsChild
    WinHelpA
    RegisterClassA
    GetMenu
    GetMenuItemCount
    GetMenuItemID
    GetWindowTextLengthA
    CreateWindowExA
    SetPropA
    GetPropA
    CallWindowProcA
    RemovePropA
    GetMessageTime
    GetMessagePos
    GetLastActivePopup
    GetForegroundWindow
    RegisterWindowMessageA
    IntersectRect
    GetWindowPlacement
    GetNextDlgTabItem
    EndDialog
    GetActiveWindow
    SetActiveWindow
    CreateDialogIndirectParamA
    DestroyWindow
    GetDlgItem
    IsWindowEnabled
    PostMessageA
    WindowFromPoint
    DrawFocusRect
    GetIconInfo
    DestroyIcon
    SetFocus
    GetCapture
    ClientToScreen
    GetClassLongA
    SetClassLongA
    wvsprintfA
    SendMessageA
    EnableWindow
    UnregisterClassA
    HideCaret
    ShowCaret
    ExcludeUpdateRgn
    GrayStringA
    TabbedTextOutA
    GetDlgCtrlID
    IsRectEmpty
    SetRectEmpty
    MapWindowPoints
    EqualRect
    ShowWindow
    UnhookWindowsHookEx
    CallNextHookEx
    SetWindowsHookExA
    GetClassInfoA
    DefWindowProcA
    EnumWindows
    GetWindowTextA
    GetWindowRgn
    AnimateWindow
    RegisterHotKey
    GetWindowDC
    BeginPaint
    EndPaint
    CharUpperA
    PostQuitMessage
    ValidateRect
    TranslateMessage
    GetMessageA
    RegisterClipboardFormatA
    DrawEdge
    GetWindowLongA
    GetFocus
    DestroyCursor
    GetWindowThreadProcessId
    LoadBitmapA
    GetKeyState
    ModifyMenuA
    OpenClipboard
    EmptyClipboard
    SetClipboardData
    CloseClipboard
    FindWindowA
    FindWindowExA
    KillTimer
    UpdateWindow
    MoveWindow
    SetWindowPos
    SystemParametersInfoA
    DefDlgProcA
    IsWindowUnicode
    GetWindow
    wsprintfA
    SetWindowContextHelpId
    MapDialogRect
    LoadStringA
    CharNextA
    GetClassNameA
    PostThreadMessageA
    GetNextDlgGroupItem
    GetClientRect
    GetCursorPos
    EnableMenuItem
    CreatePopupMenu
    GetSubMenu
    LoadMenuA
    TrackPopupMenu
    AppendMenuA
    DrawTextA
    InvalidateRect
    GetWindowRect
    GetParent
    SetCursor
    LoadCursorA
    GetSysColor
    FillRect
    ReleaseDC
    GetDC
    GetDesktopWindow
    SetRect
    GetSysColorBrush
    MessageBeep
    ScreenToClient
    CopyAcceleratorTableA
    IsWindowVisible
    CopyRect
    SetWindowRgn
    IsIconic
    DrawIcon
    GetSystemMenu
    GetSystemMetrics
    SetTimer
    SetForegroundWindow
    LoadIconA
    CopyIcon
    IsWindow
    SetWindowLongA
    PtInRect
    ReleaseCapture
    RedrawWindow
    SetCapture
    OffsetRect
    SetParent
    InflateRect
    DestroyMenu
  gdi32
    ExtSelectClipRgn
    GetWindowExtEx
    DPtoLP
    GetTextColor
    LPtoDP
    LineTo
    MoveToEx
    IntersectClipRect
    ScaleWindowExtEx
    SetWindowExtEx
    ScaleViewportExtEx
    SetViewportExtEx
    OffsetViewportOrgEx
    SetViewportOrgEx
    SetMapMode
    SetBkMode
    RestoreDC
    SaveDC
    PatBlt
    CreateBitmap
    ExtCreateRegion
    CombineRgn
    DeleteObject
    DeleteDC
    CreateCompatibleDC
    GetDeviceCaps
    CreateCompatibleBitmap
    GetViewportExtEx
    CreateFontA
    SetTextColor
    GetClipBox
    GetBkColor
    CreatePolygonRgn
    Polygon
    SetPixelV
    Escape
    ExtTextOutA
    TextOutA
    RectVisible
    PtVisible
    PtInRegion
    SelectClipRgn
    GetMapMode
    CreatePen
    Rectangle
    GetTextMetricsA
    GetPixel
    GetTextExtentPoint32A
    GetStockObject
    CreateFontIndirectA
    StretchBlt
    CreateRectRgn
    CreateSolidBrush
    GetObjectA
    CreateDIBSection
    SelectObject
    BitBlt
    GetTextExtentPointA
    CreateDIBitmap
    SetBkColor
  comdlg32
    GetSaveFileNameA
    GetOpenFileNameA
    GetFileTitleA
  winspool.drv
    DocumentPropertiesA
    OpenPrinterA
    ClosePrinter
  advapi32
    RegQueryValueA
    RegOpenKeyExA
    RegQueryValueExA
    RegEnumKeyExA
    RegCreateKeyExA
    RegSetValueExA
    RegCloseKey
  shell32
    SHGetDesktopFolder
    SHBrowseForFolderA
    ShellExecuteExA
    SHGetPathFromIDListA
    SHGetMalloc
    ShellExecuteA
    SHGetFolderPathA
    DragAcceptFiles
    DragQueryFileA
    DragFinish
    SHGetSpecialFolderLocation
    Shell_NotifyIconA
  comctl32
    ImageList_ReplaceIcon
    ImageList_Draw
    ImageList_GetImageInfo
    ImageList_GetIcon
    ImageList_GetImageCount
    _TrackMouseEvent
    ord17
    ImageList_Destroy
    ImageList_Create
    ImageList_LoadImageA
  oledlg
    ord8
  ole32
    OleInitialize
    OleFlushClipboard
    OleIsCurrentClipboard
    StgOpenStorageOnILockBytes
    StgCreateDocfileOnILockBytes
    CreateILockBytesOnHGlobal
    CoRevokeClassObject
    CoGetClassObject
    CoRegisterMessageFilter
    CLSIDFromString
    CLSIDFromProgID
    CoFreeUnusedLibraries
    OleUninitialize
    CoTaskMemAlloc
    CoTaskMemFree
    CoCreateInstance
    OleRun
    CreateStreamOnHGlobal
    CoInitialize
    CoUninitialize
  olepro32
    ord251
    ord253
  oleaut32
    VariantCopy
    SysAllocStringLen
    SysStringLen
    SysAllocStringByteLen
    VariantInit
    VariantTimeToSystemTime
    SysAllocString
    GetErrorInfo
    VariantChangeType
    VariantClear
    SysFreeString
  wsock32
    inet_ntoa
    select
    __WSAFDIsSet
    socket
    ioctlsocket
    htons
    connect
    setsockopt
    closesocket
    recv
    send
    inet_addr
    WSACleanup
    gethostbyname
    WSAGetLastError
    WSAStartup
  cximagecrt
    ?MixFrom@CxImage@@QAEXAAV1@HH@Z
    ?Save@CxImage@@QAE_NPBDI@Z
    ?IsValid@CxImage@@QBE_NXZ
    ?GetBpp@CxImage@@QBEGXZ
    ?Create@CxImage@@QAEPAXIIII@Z
    ?Draw2@CxImage@@QAEHPAUHDC__@@HHHH@Z
    ?Destroy@CxImage@@QAE_NXZ
    ?DestroyFrames@CxImage@@QAE_NXZ
    ??0CxImage@@QAE@I@Z
    ?Load@CxImage@@QAE_NPBDI@Z
    ?Draw2@CxImage@@QAEHPAUHDC__@@ABUtagRECT@@@Z
    ?GetHeight@CxImage@@QBEIXZ
    ?GetWidth@CxImage@@QBEIXZ
  version
    GetFileVersionInfoA
    GetFileVersionInfoSizeA
    VerQueryValueA
  md5
    ?GetFileMD5@CMD5@@QAE?AVCString@@PBD@Z
    ??0CMD5@@QAE@XZ
    ?ClientWork@CMD5@@QAEHVCString@@H0000PAVCProgressCtrl@@HH@Z
  sendfile
    ?OnGetByte@CSendMyFile@@QAE_JXZ
    ?setStop@CSendMyFile@@QAEXXZ
    ?SetBlockLen@CSendMyFile@@QAEXH@Z
    ?sendmyfile@CSendMyFile@@QAEHQADH00UCOMMANDINFO@@NH_N@Z
    ??0CSendMyFile@@QAE@XZ
    ?OnGetIsStop@CSendMyFile@@QAE_NXZ
    ??1CSendMyFile@@QAE@XZ
  psapi
    EnumProcessModules
Sections
  .text Size: 908KB - Virtual size: 907KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata Size: 148KB - Virtual size: 146KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data Size: 68KB - Virtual size: 90KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 1.1MB - Virtual size: 1.1MB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ