28ee5aca9ddeb35b8ad0b5135f2f55b6705fbca879ccae4e16b3906d3b10b614

Sharing

Copy URL Twitter E-mail

General

Target

28ee5aca9ddeb35b8ad0b5135f2f55b6705fbca879ccae4e16b3906d3b10b614
Size

386KB
MD5

4cc44bb197fc40b9ed9408750df88200
SHA1

77405f3eec466b56b3222b03eab1a1a23d0c96a0
SHA256

28ee5aca9ddeb35b8ad0b5135f2f55b6705fbca879ccae4e16b3906d3b10b614
SHA512

dfe03da0058675aa7ebb659caef9c6aa68f1f4165eb122dc9adcea868df63cfe914fa9d0ae6badda39e97b8abd9e7cc55048390a9218e1e195237dbb56283b6b
SSDEEP

6144:IeKQqABfS7t+ESQQAHmY0spxLrdLUkAmu7EU5vVtLR5/XK:IeAAhS7t+EnG4d3AjtLR5/XK

Score

N/A

Malware Config

Signatures

Files

28ee5aca9ddeb35b8ad0b5135f2f55b6705fbca879ccae4e16b3906d3b10b614
.exe windows x86

f8e385c616213f3b8cd901227af9c096

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetLastActivePopup
GetGUIThreadInfo
GetClientRect
GetAncestor
EnumChildWindows
RedrawWindow
VkKeyScanA
DrawCaption
CharToOemW
GetLayeredWindowAttributes
IsChild
LoadMenuA
GetUserObjectInformationA
ToUnicode
DispatchMessageW
CallWindowProcA
GetDlgItem
IsWindow
DestroyWindow
GetWindow
DrawTextW
IsWindowVisible
UnregisterClassW
DestroyMenu
LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
ShowWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
CheckRadioButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
AnyPopup
UpdateWindow
EnableWindow
CheckMenuItem
OpenInputDesktop
CreateDesktopW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
SendDlgItemMessageA
SetThreadDesktop
SwitchDesktop
CloseDesktop
SendMessageW
PostMessageW
GetSystemMetrics
IsIconic
GetFocus
GetTopWindow
GetWindowLongW
GetClassNameW
SetWindowLongW
SetWindowPos
SetForegroundWindow
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
SetFocus
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW

comdlg32

GetFileTitleW

shell32

SHGetFolderPathW
ShellExecuteW

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
OleFlushClipboard
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
CoTaskMemAlloc
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoTaskMemFree
StgCreateDocfileOnILockBytes

advapi32

CheckTokenMembership
QueryServiceLockStatusW
OpenServiceA
GetServiceDisplayNameA
RegCloseKey
RegisterServiceCtrlHandlerA
GetUserNameW
RegOpenKeyA
ReportEventA
LookupPrivilegeValueW
RegOpenKeyExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
OpenProcessToken
RegQueryValueExW
AdjustTokenPrivileges
AllocateAndInitializeSid
RegCreateKeyExW
FreeSid
RegSetValueExW
RegDeleteKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
FindFirstFreeAce

gdi32

BitBlt
AddFontResourceA
Chord
AbortPath
CreateBitmap
ChoosePixelFormat
CombineRgn
CloseMetaFile
CreateDIBitmap

opengl32

glLightfv
glLightModelfv
glLightModelf
glHint
glGetString
glGenTextures
glEnd
glEnable
glDisable
glDepthFunc
glCopyTexImage2D
glColor4f
glColor3f
glClearDepth
glClearColor
glClear
glCallList
glBlendFunc
glBegin

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

GetExitCodeThread
CreateEventW
SetEvent
GetEnvironmentVariableW
CreateDirectoryW
RemoveDirectoryW
GetSystemDirectoryW
GetTempPathW
GetSystemDefaultLangID
SetCurrentDirectoryW
CreateThread
WaitForSingleObject
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
Sleep
ExitProcess
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
CompareStringA
WriteConsoleW
CreateFileA
SetErrorMode
FlushFileBuffers
SetFilePointer
lstrlenA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GlobalFlags
GetModuleHandleA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
CompareStringW
LoadLibraryA
GetVersion
FileTimeToSystemTime
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
WideCharToMultiByte
SetLastError
GlobalAlloc
FormatMessageW
lstrlenW
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
MultiByteToWideChar
GetCurrentDirectoryW
MoveFileW
GetLastError
LocalFree
OpenProcess
CreateProcessW
FileTimeToLocalFileTime
GetThreadLocale
FormatMessageA
ResetEvent
GetLogicalDriveStringsW
DeleteFileA
MoveFileA
CreateProcessA
GetFileAttributesA
CreatePipe
GetExitCodeProcess
GetDriveTypeA
GetCurrentDirectoryA
SetEnvironmentVariableW
SetEnvironmentVariableA
HeapDestroy
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemInfo
VirtualProtect
GetProcessHeap
GetFileTime
GetVolumeInformationW
DuplicateHandle
UnlockFile
LockFile
GetTimeFormatA
GetDateFormatA
InterlockedIncrement
InterlockedDecrement
GetTimeZoneInformation
GetConsoleOutputCP
GetPrivateProfileStringW
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcessId
LocalAlloc
GetCommandLineW
GetTickCount
GetModuleFileNameW
FreeLibrary
LoadLibraryExW
GetPrivateProfileIntW
CloseHandle
WriteFile
ReadFile
GetFileSize
GetDriveTypeW
GetWindowsDirectoryW
GetVersionExW
GetCurrentProcess
VirtualAlloc
GetLongPathNameA
SetThreadPriorityBoost
lstrcpyA
GetSystemDefaultLCID
SetThreadAffinityMask
IsBadReadPtr
GetCPInfo
SizeofResource
LockResource
LoadResource
FindResourceW
SetFileAttributesW
CreateFileW
WritePrivateProfileStringW

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8e385c616213f3b8cd901227af9c096

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

shell32

oledlg

ole32

advapi32

gdi32

opengl32

version

kernel32

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 122KB - Virtual size: 274KB

.rsrc Size: 144KB - Virtual size: 143KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 122KB - Virtual size: 274KB

.rsrc
Size: 144KB - Virtual size: 143KB