Static task: static1
Behavioral task: behavioral1
Sample: 2b0a8f483d660951e4ebab1126a4a8b5b402755a4afe49eb961045b6ed4c4bfa.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 2b0a8f483d660951e4ebab1126a4a8b5b402755a4afe49eb961045b6ed4c4bfa.exe
Resource: win10v2004-20220812-en
General
Target: 2b0a8f483d660951e4ebab1126a4a8b5b402755a4afe49eb961045b6ed4c4bfa
Size: 1.4MB
MD5: b096d359fc61129505f883a9b0bc73c6
SHA1: dc2665a42f221ed182bb72bbfd001e8913d6cc39
SHA256: 2b0a8f483d660951e4ebab1126a4a8b5b402755a4afe49eb961045b6ed4c4bfa
SHA512: c3f44c728773caed9bc8186ba1cf7e0a13ee58e8b0830324ef15d5efabf5b286be6b40a5b549dfe633ac125875c617c456087b4c065ba6b819cf1b12e53db3db
SSDEEP: 24576:uL/pk6LzxY0uc4EdJ7r7LQI36c6jKP8lOXVAmeg73:Y36laPeg7
Malware Config
Signatures
Files
2b0a8f483d660951e4ebab1126a4a8b5b402755a4afe49eb961045b6ed4c4bfa.exe windows x86
100abb31a9b7384fa1f0a3034a475558
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmDisableIME
kernel32
GetUserDefaultLangID
OutputDebugStringW
GetPrivateProfileStringW
InterlockedExchange
FlushInstructionCache
GetPrivateProfileIntW
InterlockedDecrement
FreeResource
InterlockedIncrement
RaiseException
GetWindowsDirectoryW
GetStdHandle
WaitForMultipleObjects
VirtualFree
VirtualAlloc
SetEvent
ReleaseSemaphore
ResetEvent
CreateSemaphoreW
CreateEventW
lstrcpyW
lstrcatW
SetFileAttributesW
CreateFileA
lstrcmpiW
LoadLibraryExW
VerifyVersionInfoW
GlobalLock
GlobalAlloc
TerminateThread
GetCommandLineW
GetDriveTypeW
GetDiskFreeSpaceExW
MapViewOfFileEx
GlobalFree
GlobalUnlock
VerSetConditionMask
GetExitCodeThread
CreateThread
ResumeThread
CreateProcessW
GetExitCodeProcess
lstrcmpW
GetComputerNameA
FindResourceExW
WriteFile
FindResourceW
FindFirstFileA
CreateFileW
LockResource
LoadResource
SizeofResource
lstrlenA
GetFileAttributesW
DeviceIoControl
GlobalMemoryStatusEx
FormatMessageA
ExpandEnvironmentStringsA
SleepEx
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetFullPathNameA
GetDriveTypeA
GetCurrentDirectoryA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoW
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
LCMapStringA
RtlUnwind
IsValidCodePage
GetOEMCP
GetCPInfo
GetStartupInfoA
SetHandleCount
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
HeapCreate
GetStartupInfoW
VirtualQuery
VirtualProtect
ExitThread
ExitProcess
GetModuleHandleA
GetFileType
SetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
LoadLibraryA
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
MultiByteToWideChar
lstrlenW
CreateDirectoryW
CloseHandle
ReadFile
SetEndOfFile
GetFileSize
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GetCurrentProcessId
GetLocalTime
ReleaseMutex
SetFilePointer
CreateMutexW
GetCurrentThreadId
GetFileSizeEx
WaitForSingleObject
FileTimeToSystemTime
GetSystemTimeAsFileTime
SetFileTime
FlushFileBuffers
MoveFileW
SetLastError
GetFileAttributesExW
SetCurrentDirectoryW
UnmapViewOfFile
MapViewOfFile
GetCurrentDirectoryW
CreateFileMappingW
GetTempFileNameW
GetTickCount
GetVolumeInformationW
CopyFileW
InterlockedCompareExchange
GetSystemInfo
Sleep
LocalFree
LocalAlloc
GetTempPathW
GetVersionExW
GetSystemDirectoryW
GetModuleHandleW
TerminateProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
DeleteCriticalSection
LeaveCriticalSection
ExpandEnvironmentStringsW
EnterCriticalSection
GetCurrentProcess
InitializeCriticalSection
FreeLibrary
OpenProcess
QueryDosDeviceW
GetProcAddress
GetLogicalDriveStringsW
LoadLibraryW
SystemTimeToFileTime
GetModuleFileNameW
MoveFileExW
RemoveDirectoryW
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
GetLastError
WideCharToMultiByte
user32
GetDesktopWindow
LoadStringW
SetCursor
DestroyIcon
GetWindowTextW
BeginPaint
GetActiveWindow
EnumDisplayDevicesA
EnumDisplaySettingsW
EnumDisplayDevicesW
GetSystemMetrics
UnregisterClassA
GetWindowRect
ClientToScreen
IsWindowVisible
EnableWindow
SystemParametersInfoW
EqualRect
DispatchMessageW
IsRectEmpty
PostMessageW
TranslateMessage
SetRectEmpty
IsDialogMessageW
AttachThreadInput
GetMonitorInfoW
SendMessageW
SetForegroundWindow
MonitorFromWindow
DestroyWindow
GetParent
GetForegroundWindow
IsWindowEnabled
IsChild
GetWindowThreadProcessId
MapWindowPoints
ReleaseCapture
SetWindowLongW
GetFocus
SetTimer
GetWindow
GetWindowLongW
GetMessageW
SetCapture
IsWindow
DefWindowProcW
PeekMessageW
MoveWindow
SetFocus
UpdateLayeredWindow
InvalidateRect
LoadIconW
GetDlgItem
RegisterWindowMessageW
OffsetRect
DrawIconEx
CallWindowProcW
CopyRect
PostThreadMessageW
ReleaseDC
PtInRect
GetDC
GetNextDlgTabItem
SetRect
RegisterClassExW
KillTimer
CreateWindowExW
LoadImageW
InflateRect
FindWindowW
GetClassInfoExW
DrawTextW
LoadCursorW
EndPaint
GetClientRect
GetDlgCtrlID
GetCursorPos
SetWindowPos
CharUpperW
CharLowerW
CharNextW
LoadBitmapW
GetWindowTextLengthW
SetActiveWindow
SetWindowTextW
GetKeyState
ShowWindow
ScreenToClient
IntersectRect
gdi32
RoundRect
SetViewportOrgEx
SetStretchBltMode
CreateCompatibleBitmap
CreateBitmap
StretchBlt
GetTextMetricsW
GetClipRgn
GetCurrentObject
CreateDIBSection
CreateRectRgn
CreateCompatibleDC
CreateRectRgnIndirect
GetTextExtentPoint32W
CombineRgn
SetBkMode
SelectClipRgn
ExtTextOutW
SaveDC
SetBkColor
GetViewportOrgEx
MoveToEx
GetTextColor
ExtSelectClipRgn
LineTo
Rectangle
OffsetRgn
CreateFontIndirectW
SetTextColor
RestoreDC
SelectObject
RectInRegion
DeleteDC
GetDeviceCaps
DeleteObject
CreateRoundRectRgn
GetObjectW
CreatePen
GetStockObject
BitBlt
TextOutW
advapi32
RegCloseKey
RegOpenKeyW
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
OpenProcessToken
LookupPrivilegeValueW
ChangeServiceConfig2W
ChangeServiceConfigW
CreateServiceW
ControlService
StartServiceW
DeleteService
RegEnumValueW
CreateProcessAsUserW
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
DeleteAce
GetAce
GetNamedSecurityInfoW
QueryServiceStatus
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
SetTokenInformation
DuplicateTokenEx
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
RegSetValueExW
AdjustTokenPrivileges
shell32
SHGetMalloc
SHGetPathFromIDListW
SHFileOperationW
SHGetSpecialFolderPathW
ShellExecuteW
ord680
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetFolderPathW
ole32
CoUninitialize
CoSetProxyBlanket
CoInitializeEx
CoTaskMemRealloc
CoInitializeSecurity
CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateGuid
oleaut32
VariantInit
SafeArrayUnlock
SafeArrayLock
VarUI4FromStr
SysStringLen
VariantCopy
VariantClear
SysAllocString
SysFreeString
shlwapi
PathRemoveExtensionW
PathCombineW
StrToIntW
StrToIntA
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathAppendW
PathAddBackslashW
comctl32
InitCommonControlsEx
_TrackMouseEvent
msimg32
AlphaBlend
gdiplus
GdipLoadImageFromStream
GdipImageRotateFlip
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipDrawImagePointsRectI
GdipGetImagePixelFormat
GdipDisposeImageAttributes
GdipSetSmoothingMode
GdipCreateFromHDC
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipSetClipPath
GdipDeleteGraphics
GdipDeleteFont
GdipSetImageAttributesColorMatrix
GdipCreatePen1
GdipFree
GdipSetTextRenderingHint
GdipDeleteFontFamily
GdipCreateBitmapFromScan0
GdipDrawString
GdipGetImageGraphicsContext
GdipDeletePen
GdipTranslateWorldTransform
GdipDrawPath
GdipSetInterpolationMode
GdipCreateFont
GdipRotateWorldTransform
GdipSetPixelOffsetMode
GdipCreateStringFormat
GdipDrawLinesI
GdipResetWorldTransform
GdipGetFamily
GdipDeleteStringFormat
GdipCreateFontFromLogfontW
GdipFillRectangleI
GdipAddPathArcI
GdipCreatePath
GdipSetPenDashStyle
GdipSetPenEndCap
GdipCreateLineBrushFromRectWithAngleI
GdipSetStringFormatAlign
GdipCloneBrush
GdipAddPathStringI
GdipSetStringFormatLineAlign
GdipDeletePath
GdipFillPath
GdipSetPenStartCap
GdipDrawImageRectRectI
GdipDeleteBrush
GdipGetFontSize
GdipMeasureString
GdipSetStringFormatFlags
GdipDrawImageRectRect
GdipSetPenMode
GdiplusShutdown
GdipGraphicsClear
GdipSetStringFormatTrimming
GdipGetImageHeight
GdipAddPathPieI
GdipDrawImageRectI
GdipDrawLine
GdipGetImageWidth
GdipNewPrivateFontCollection
GdipClosePathFigure
GdipDrawImageI
GdipDeletePrivateFontCollection
GdipDrawRectangleI
GdipFillRectangle
GdipDisposeImage
GdiplusStartup
GdipCloneImage
GdipPrivateAddFontFile
GdipAddPathRectangleI
GdipGetFontCollectionFamilyCount
GdipCreateImageAttributes
GdipSetCompositingQuality
GdipLoadImageFromFile
GdipAlloc
GdipCreateSolidFill
GdipCloneBitmapArea
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
wtsapi32
WTSFreeMemory
WTSEnumerateSessionsW
psapi
GetModuleFileNameExW
GetProcessImageFileNameW
iphlpapi
GetAdaptersInfo
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 188KB - Virtual size: 186KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 104KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ