Static task
static1
Behavioral task
behavioral1
Sample
830d476b6365df83f7aae3f8466ad72b81047a649a5ca914092cebcb36ed45b8.exe
Resource
win7-20220901-en
General
Target: 830d476b6365df83f7aae3f8466ad72b81047a649a5ca914092cebcb36ed45b8
Size: 484KB
MD5: 679112ad122e1a1a3cfcccfedf7b51c0
SHA1: 24c662050ac7230633090e8cf966103265d65eff
SHA256: 830d476b6365df83f7aae3f8466ad72b81047a649a5ca914092cebcb36ed45b8
SHA512: 64a46b5a7f82847a5cff14df9ff8e491ea2a856518b01348a5948535336893992c0a15899fb63368fcbbb215aaae5e904a7c271d719626273587a6b66c252e40
SSDEEP: 12288:qKdVLzqWyXmeL2n2VDBWlePhwcQP7aOta44sr:fUXmeLXWlePh9OGA
Malware Config
Signatures
Files
830d476b6365df83f7aae3f8466ad72b81047a649a5ca914092cebcb36ed45b8.exe windows x86
92649ed98fa4d1d7ec9aa047d45b91d5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RaiseException
UnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetStringTypeW
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
LockResource
LoadResource
CreateThread
ExitThread
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoW
CreateMutexW
GetEnvironmentVariableW
SetEnvironmentVariableW
OpenThread
ReleaseMutex
SetFilePointerEx
GetSystemTime
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesW
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetErrorMode
FindResourceW
CloseHandle
DeviceIoControl
CreateFileW
GetCurrentProcessId
InterlockedIncrement
GetModuleFileNameW
ExitProcess
Sleep
FreeLibrary
GetProcAddress
InterlockedDecrement
DeleteFileW
GetTempFileNameW
GetTempPathW
FindClose
FindFirstFileW
FindNextFileW
GetCommandLineW
TerminateProcess
OpenProcess
WideCharToMultiByte
LoadLibraryW
SetUnhandledExceptionFilter
lstrlenW
GetLastError
VirtualProtect
GetModuleHandleW
GetCurrentProcess
GetCurrentThreadId
OutputDebugStringW
GetVersionExW
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
SizeofResource
EnterCriticalSection
SetLastError
MulDiv
LocalFree
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GlobalFlags
WritePrivateProfileStringW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetModuleHandleA
WaitForSingleObject
FreeResource
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
MultiByteToWideChar
InterlockedExchange
lstrcmpW
FormatMessageW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
user32
MessageBeep
GetNextDlgTabItem
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
CharUpperW
UnregisterClassW
ReleaseCapture
SetCapture
GetDesktopWindow
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ReleaseDC
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetTopWindow
DestroyWindow
GetMessageTime
SendMessageW
IsWindow
GetClientRect
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
IsWindowVisible
UpdateWindow
GetClassInfoExW
GetClassInfoW
EndDialog
CreateDialogIndirectParamW
RegisterClipboardFormatW
PostThreadMessageW
PostMessageW
SetForegroundWindow
ShowWindow
FindWindowW
MessageBoxW
BringWindowToTop
IsIconic
InflateRect
DrawIcon
AppendMenuW
GetSystemMenu
LoadIconW
GetSystemMetrics
EnableWindow
MoveWindow
GetDlgItem
CreateWindowExW
LoadCursorW
DefWindowProcW
GetSubMenu
GetMenuItemCount
GetMenuItemID
SetPropW
GetMenuState
PostQuitMessage
UnhookWindowsHookEx
GetWindow
SendDlgItemMessageW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
CallWindowProcW
CopyRect
PtInRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindowTextW
GetFocus
GetParent
SetWindowPos
SetFocus
IsWindowEnabled
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
GetWindowLongW
IsDialogMessageW
GetDC
gdi32
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ExtSelectClipRgn
GetStockObject
GetBkColor
GetTextColor
GetRgnBox
DeleteObject
GetMapMode
CreateRectRgnIndirect
ExtTextOutW
CreateBitmap
GetObjectW
SetBkColor
SetMapMode
RestoreDC
SaveDC
DeleteDC
SetTextColor
GetClipBox
GetDeviceCaps
ScaleWindowExtEx
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
GetTokenInformation
RegQueryValueExA
shell32
ShellExecuteExW
ShellExecuteW
comctl32
ord17
shlwapi
SHGetValueW
PathFindFileNameW
PathIsRelativeW
PathCombineW
PathRemoveFileSpecW
PathAppendW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFileExistsW
StrStrIW
oledlg
OleUIBusyW
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoUninitialize
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
oleaut32
SysAllocString
SysStringLen
SysFreeString
VariantInit
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantChangeType
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
VariantClear
Sections
.text Size: 282KB - Virtual size: 281KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 70KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 17KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 107KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE