553286d2d8b14cb52c46d3edfd3f474816a42cb7eb82d621141735693ff5d2c3

Sharing

Copy URL Twitter E-mail

General

Target

553286d2d8b14cb52c46d3edfd3f474816a42cb7eb82d621141735693ff5d2c3
Size

798KB
MD5

64f1e6075797bbdc4f9c262eb4c58eb0
SHA1

53d180c2627cb4248f50b6eb6d46896c8d7002be
SHA256

553286d2d8b14cb52c46d3edfd3f474816a42cb7eb82d621141735693ff5d2c3
SHA512

e17b69cbcbbb8e4d902ef059c8f39830ed10adfcf3dfcd84610d8953e686ae79ca2c226c3562800fd0de774967f9c8da687bd91439c117a3ec50b4895802f477
SSDEEP

24576:iopyuyKsodHHIti7ARLXkTwXbB+vC9Bq9wuYnZ:iopyuyKsodHHIti7ARLXkTwXbB+ike

Score

N/A

Malware Config

Signatures

Files

553286d2d8b14cb52c46d3edfd3f474816a42cb7eb82d621141735693ff5d2c3
.exe windows x86

f350bda43abacbff45b04a4bba719499

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr70

_controlfp
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_amsg_exit
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
wcsncmp
wcscat
wcsncat
_wtol
_beginthreadex
_wtoi64
iswalpha
_wcsnicmp
toupper
wcscspn
qsort
_wsplitpath
wcscpy
_ftol
strncmp
iswdigit
??_V@YAXPAX@Z
sprintf
_stricmp
wcsrchr
_snprintf
wcsstr
_wtoi
iswalnum
swprintf
_vsnwprintf
malloc
wcsncpy
_purecall
iswspace
towupper
swscanf
realloc
free
vswprintf
_vscwprintf
memmove
_CxxThrowException
_beginthread
wcstok
_wcsicmp
__CxxFrameHandler
wcscmp
wcschr
??2@YAPAXI@Z
wcslen
??3@YAXPAX@Z
_snwprintf
__security_error_handler
strchr
strncpy
memset
??_U@YAPAXI@Z
_wcsupr

msvcp70

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

atl70

ord44
ord40
ord64
ord43

advapi32

RegDeleteValueW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
CryptImportKey
RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegEnumKeyExA
RegEnumKeyExW
GetCurrentHwProfileA
GetUserNameA
RegCreateKeyExA
RegSetValueExA

kernel32

SetThreadAffinityMask
GetProcessAffinityMask
GetSystemInfo
OutputDebugStringA
SetLastError
CreateThread
ResumeThread
WaitForSingleObject
GetComputerNameA
GetDiskFreeSpaceA
GetExitCodeThread
GetLogicalDriveStringsA
GetDriveTypeA
GetVolumeInformationW
GetVolumeInformationA
GlobalMemoryStatus
SetFilePointer
lstrcpyA
CreateFileA
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
RaiseException
LocalAlloc
CreateDirectoryA
LoadLibraryA
GetProcAddress
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
lstrlenA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
DeleteCriticalSection
GetLastError
ReadFile
DeleteFileA
InterlockedCompareExchange
InterlockedIncrement
InterlockedDecrement
CloseHandle
GetFileSize
CreateFileW
InitializeCriticalSection
LeaveCriticalSection
lstrlenW
TryEnterCriticalSection
GetTickCount
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
HeapFree
GetProcessHeap
WideCharToMultiByte
GetFileTime
WriteFile
MultiByteToWideChar
DeleteFileW
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FileTimeToSystemTime
EnterCriticalSection
FreeLibrary
LoadLibraryW
SystemTimeToFileTime
GetSystemTimeAsFileTime
RemoveDirectoryW
GetLocalTime
GetSystemTime
CopyFileExW
SetFileTime
CreateDirectoryW
GetFileSizeEx
Sleep
SetEvent
GetDiskFreeSpaceExW
SetProcessWorkingSetSize
GetCurrentProcess
CreateEventW
MoveFileW
FlushInstructionCache
HeapAlloc
GetTempPathW
FormatMessageW
FindClose
FindNextFileW
FindFirstFileW
GetDateFormatW
GetTimeFormatW
GlobalFree
GetCommandLineW
GetDriveTypeW
GetCurrentThreadId
lstrcpyW
CreateProcessW
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
GetModuleHandleA
GetStartupInfoW
LocalFree
DeviceIoControl

gdi32

CreateCompatibleDC
SetBrushOrgEx
SetBkMode
SetTextColor
DeleteObject
CreateFontIndirectW
GetDeviceCaps
CreatePatternBrush
GetObjectW
StretchBlt
SelectObject

user32

GetWindowRect
GetDlgItem
wsprintfA
BroadcastSystemMessageA
wvsprintfA
ClientToScreen
GetClientRect
SetWindowTextW
SendMessageW
LoadStringW
MoveWindow
GetDC
SystemParametersInfoW
LoadImageW
EndDialog
PostMessageW
MsgWaitForMultipleObjects
DispatchMessageW
PeekMessageW
DestroyWindow
CreateWindowExW
SetForegroundWindow
ShowWindow
GetKeyState
SetWindowLongW
GetDoubleClickTime
TrackPopupMenu
GetCursorPos
SetTimer
wsprintfW
SetMenu
LoadAcceleratorsW
LoadCursorW
RegisterClassW
GetWindowLongW
SetFocus
EnumWindows
GetParent
RealGetWindowClassW
SetRect
DefWindowProcW
SetWindowPos
InvalidateRect
UnregisterClassW
UpdateWindow
PostThreadMessageW
CreateDialogParamW
GetMessageW
UnregisterClassA
CheckMenuItem
ScreenToClient
DialogBoxParamW
ReleaseDC
TranslateMessage
IsDialogMessageW
TranslateAcceleratorW
SendNotifyMessageW
DestroyIcon
DestroyMenu
PostQuitMessage
GetAncestor
EnableMenuItem
GetMenuItemCount
SetMenuItemInfoW
InsertMenuItemW
DeleteMenu
GetWindowTextW
KillTimer
MessageBoxW
GetActiveWindow
GetMenuItemInfoW
GetMenu
RegisterWindowMessageW
SetMenuDefaultItem
SetMenuInfo
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetSystemMetrics
FindWindowExW
SendDlgItemMessageW
LoadIconW
LoadMenuW
GetSubMenu

comctl32

InitCommonControlsEx

ole32

CoFreeUnusedLibraries
CoCreateInstance
CoUninitialize
CoInitialize
OleUninitialize
OleInitialize
CoTaskMemAlloc
OleSave
CreateBindCtx
StringFromGUID2
CoCreateGuid
OleRun
CoInitializeEx
CLSIDFromProgID

oleaut32

GetErrorInfo
SysAllocStringLen
VariantClear
VariantInit
VariantCopy
SysAllocString
SysFreeString
LoadTypeLi
LoadRegTypeLi
SystemTimeToVariantTime
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SetErrorInfo
VariantChangeType

shell32

ShellExecuteW
SHGetFolderPathA
Shell_NotifyIconW
SHGetFolderPathW
SHPathPrepareForWriteW
CommandLineToArgvW

wininet

InternetSetOptionW
InternetOpenW
InternetCloseHandle
InternetTimeToSystemTimeW
InternetTimeFromSystemTimeW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetReadFile
InternetOpenUrlW
HttpQueryInfoW

wmvcore

WMCreateSyncReader
WMCreateEditor

urlmon

CreateURLMoniker

shlwapi

PathAppendA

crypt32

CertEnumCertificatesInStore
CertFindExtension
CertCreateCertificateContext
CertDuplicateCertificateContext
CertGetIssuerCertificateFromStore
CertVerifySubjectCertificateContext
CryptExportPublicKeyInfo
CertOpenStore
CertFreeCertificateContext
CertCloseStore
CertComparePublicKeyInfo

msi

ord32
ord159
ord160
ord120
ord70
ord92
ord8

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo

Sections

.text
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 542KB - Virtual size: 545KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f350bda43abacbff45b04a4bba719499

Headers

DLL Characteristics

File Characteristics

Imports

msvcr70

msvcp70

atl70

advapi32

kernel32

gdi32

user32

comctl32

ole32

oleaut32

shell32

wininet

wmvcore

urlmon

shlwapi

crypt32

msi

setupapi

Sections

.text Size: 250KB - Virtual size: 250KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 542KB - Virtual size: 545KB

.text
Size: 250KB - Virtual size: 250KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 542KB - Virtual size: 545KB