da1b6bfcb5d2d5afed314e1d049b1edb93c007c61af05f2f0af6ef089a0e7724

Sharing

Copy URL Twitter E-mail

General

Target

da1b6bfcb5d2d5afed314e1d049b1edb93c007c61af05f2f0af6ef089a0e7724
Size

967KB
MD5

54980cbdc97476a510615d5609dc79c6
SHA1

c6ba784eecd1391911f4075a26827b79a740df58
SHA256

da1b6bfcb5d2d5afed314e1d049b1edb93c007c61af05f2f0af6ef089a0e7724
SHA512

7edf74e39082259a35947ff4e24b5aefcba47014a11e92b91e4d41785f25d50df28089b1cba4490d82a2633da9ca98f96d0bd9e5e3a2b26c0af363be8307dcd9
SSDEEP

12288:DIkGr6R8it6NRcKWbOY1o1KAAlTrGygto9TdTsh41urAh3obDU5Z:reitMRcKtUAAl/GyD9Ttshyh3obg5Z

Score

N/A

Malware Config

Signatures

Files

da1b6bfcb5d2d5afed314e1d049b1edb93c007c61af05f2f0af6ef089a0e7724
.exe windows x86

0355eea2f6a3387bb5343847bae41257

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

closesocket
WSACleanup
WSAStartup
inet_addr
gethostname
shutdown
bind
WSAGetLastError
socket
gethostbyname
recv
send
getsockname
getpeername
accept
setsockopt
listen
ioctlsocket
connect
htons
htonl

winmm

timeSetEvent
timeGetTime

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wtsapi32

WTSEnumerateProcessesA
WTSEnumerateSessionsA
WTSFreeMemory

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

kernel32

CreateToolhelp32Snapshot
Sleep
GetExitCodeProcess
SetEvent
CreateEventA
OutputDebugStringA
SetCurrentDirectoryA
GetComputerNameA
ResumeThread
CreateThread
IsBadWritePtr
IsBadReadPtr
GetFileSize
CreateFileA
GetSystemInfo
GetSystemTime
SetFilePointer
ReadFile
CreateDirectoryA
SetErrorMode
MoveFileExA
SetFileTime
SystemTimeToFileTime
FlushFileBuffers
SetEndOfFile
WriteFile
MoveFileA
lstrlenA
GetDriveTypeA
GetLogicalDriveStringsA
FileTimeToSystemTime
GetFileTime
SetThreadPriority
GetCurrentThread
OpenEventA
GlobalUnlock
GlobalLock
GlobalAlloc
TerminateProcess
CreateProcessA
SetProcessShutdownParameters
Process32First
LockResource
GetCurrentProcessId
SizeofResource
FindResourceA
WriteConsoleA
GetStdHandle
FormatMessageA
AllocConsole
GlobalDeleteAtom
GlobalGetAtomNameA
GlobalAddAtomA
ResetEvent
GlobalFree
SearchPathA
ExitThread
HeapReAlloc
GetStartupInfoA
GetProcessHeap
GetCommandLineA
GetFileType
SetStdHandle
ExitProcess
FileTimeToLocalFileTime
HeapFree
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
TlsAlloc
DuplicateHandle
TlsSetValue
TlsFree
TlsGetValue
CreateSemaphoreA
ReleaseSemaphore
DeleteCriticalSection
InitializeCriticalSection
GetLocalTime
Process32Next
GetVersionExA
SetLastError
GetCurrentProcess
ReleaseMutex
WaitForSingleObject
UnmapViewOfFile
OpenFileMappingA
MapViewOfFile
CreateFileMappingA
WritePrivateProfileSectionA
WritePrivateProfileStructA
InterlockedDecrement
HeapSize
GetCPInfo
GetACP
GetPrivateProfileStructA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
OpenProcess
CloseHandle
InterlockedIncrement
GetTempPathA
WinExec
CopyFileA
GetLastError
FreeLibrary
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
GetCurrentThreadId
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
LCMapStringA
MultiByteToWideChar
LCMapStringW
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetFullPathNameA
GetCurrentDirectoryA
SetHandleCount
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetTimeZoneInformation
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
LoadResource
SetEnvironmentVariableA

user32

LoadMenuA
GetSubMenu
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
EnableMenuItem
EnableWindow
GetKeyState
VkKeyScanA
ToAscii
GetAsyncKeyState
MapVirtualKeyA
SetRect
PeekMessageA
WaitMessage
IsIconic
RegisterWindowMessageA
GetIconInfo
SetClipboardViewer
EnumWindows
ChangeClipboardChain
DestroyWindow
WaitForInputIdle
WindowFromPoint
GetClipboardOwner
GetClipboardData
IsWindowVisible
OpenClipboard
EmptyClipboard
DestroyMenu
CloseClipboard
GetDlgItemInt
IsWindow
GetWindowTextA
OpenDesktopA
EnumDesktopWindows
GetClassNameA
mouse_event
GetKeyboardState
keybd_event
SetActiveWindow
MessageBeep
FlashWindow
GetDesktopWindow
ChangeDisplaySettingsExA
EnumDisplaySettingsA
DialogBoxParamA
EndDialog
SetWindowTextA
LoadStringA
GetWindowRect
InvalidateRect
GetDlgItemTextA
GetCursorPos
ScreenToClient
SetCursor
SetCapture
GetCaretBlinkTime
SetCaretBlinkTime
SetDlgItemInt
CheckDlgButton
GetProcessWindowStation
SetClipboardData
ExitWindowsEx
ReleaseCapture
MoveWindow
CallWindowProcA
GetParent
DrawIconEx
GetClientRect
GetDC
ReleaseDC
PostMessageA
SetDlgItemTextA
GetScrollInfo
GetDlgItem
SendDlgItemMessageA
SetForegroundWindow
MessageBoxA
wsprintfA
IsDlgButtonChecked
FindWindowA
GetWindowThreadProcessId
SystemParametersInfoA
GetForegroundWindow
SendMessageA
OpenInputDesktop
GetThreadDesktop
GetUserObjectInformationA
SetThreadDesktop
GetMessageA
DispatchMessageA
TranslateMessage
CloseDesktop
LoadIconA
LoadCursorA
RegisterClassExA
GetSystemMetrics
AdjustWindowRect
CreateWindowExA
GetWindowLongA
SetWindowLongA
ShowWindow
KillTimer
PostQuitMessage
SetTimer
DefWindowProcA
SetWindowPos
IsRectEmpty
LoadImageA
SetFocus

gdi32

GetObjectA
GetBitmapBits
GetPixel
GdiFlush
CreateCompatibleBitmap
CreateDIBSection
CreatePalette
SelectPalette
RealizePalette
SetDIBColorTable
GetDeviceCaps
BitBlt
ExtEscape
GetSystemPaletteEntries
SetROP2
MoveToEx
LineTo
SetBkMode
GetStockObject
GetClipBox
CreateCompatibleDC
CreateSolidBrush
SelectObject
PatBlt
StretchBlt
DeleteObject
CreateDCA
DeleteDC
GetDIBits

advapi32

RegOpenKeyExA
FreeSid
RevertToSelf
ImpersonateLoggedOnUser
OpenProcessToken
CreateProcessAsUserA
RegSetValueExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
EnumServicesStatusA
OpenServiceA
GetUserNameA
LookupAccountSidA
RegCreateKeyA
CreateServiceA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerExA
QueryServiceStatus
DeleteService
RegCreateKeyExA
SetServiceStatus
DuplicateTokenEx
SetTokenInformation
LookupPrivilegeValueA
AdjustTokenPrivileges
GetTokenInformation
AllocateAndInitializeSid
CloseServiceHandle
QueryServiceConfigA
EqualSid

shell32

SHAppBarMessage
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHFileOperationA
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

msvfw32

ord2

avifil32

AVIFileOpenA
AVIFileCreateStreamA
AVISaveOptions
AVISaveOptionsFree
AVIMakeCompressedStream
AVIStreamSetFormat
AVIStreamRelease
AVIFileRelease
AVIFileExit
AVIStreamWrite
AVIFileInit

imm32

ImmGetDefaultIMEWnd

Sections

.text
Size: 448KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 408KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0355eea2f6a3387bb5343847bae41257

Headers

File Characteristics

Imports

wsock32

winmm

version

wtsapi32

userenv

kernel32

user32

gdi32

advapi32

shell32

ole32

msvfw32

avifil32

imm32

Sections

.text Size: 448KB - Virtual size: 445KB

.rdata Size: 92KB - Virtual size: 90KB

.data Size: 12KB - Virtual size: 125KB

.rsrc Size: 408KB - Virtual size: 408KB

.text
Size: 448KB - Virtual size: 445KB

.rdata
Size: 92KB - Virtual size: 90KB

.data
Size: 12KB - Virtual size: 125KB

.rsrc
Size: 408KB - Virtual size: 408KB