d209dca148895b94ee27bc6ac4c926890cd7d5c625a2bb8accc8a87ce9ebe2b0

Sharing

Copy URL Twitter E-mail

General

Target

d209dca148895b94ee27bc6ac4c926890cd7d5c625a2bb8accc8a87ce9ebe2b0
Size

841KB
MD5

70f92ddcf0a09a1ab0e7689ea75e7200
SHA1

bb6457adeff8473f7c4ba926e48b330a57994d49
SHA256

d209dca148895b94ee27bc6ac4c926890cd7d5c625a2bb8accc8a87ce9ebe2b0
SHA512

5ed2663ff2024249cf8e77284cb141d935954683e47d596db09cdd7fbfe34cd67a005e7405bef52a69fa446dd35df44680be2ffc19d56f736374142d4e70c711
SSDEEP

24576:jECWBKR1kFJHAMyo42y6yL7Dvq7rSOAi/F:jECW4REqJ7qDAI

Score

N/A

Malware Config

Signatures

Files

d209dca148895b94ee27bc6ac4c926890cd7d5c625a2bb8accc8a87ce9ebe2b0
.exe windows x86

16cfeac0b98149fca27e73db854e310c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
IsValidCodePage
GetOEMCP
SetStdHandle
GlobalUnlock
DuplicateHandle
HeapReAlloc
GetCPInfo
GetExitCodeThread
GetVersion
EnterCriticalSection
LoadLibraryW
GetProcAddress
GetStringTypeW
SetConsoleCtrlHandler
LCMapStringW
GetFileInformationByHandle
TlsGetValue
FindNextFileW
ResetEvent
WriteConsoleW
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
CancelIo
SetErrorMode
GetSystemDirectoryW
SetEndOfFile
CopyFileW
InterlockedDecrement
GlobalSize
SetLastError
HeapQueryInformation
LoadLibraryA
GetLastError
TerminateProcess
GetVersionExW
LockResource
TlsAlloc
GetProcessAffinityMask
CreateFileW
OutputDebugStringW
GetThreadPriority
SetThreadExecutionState
HeapFree
GetSystemTimeAsFileTime
GetStdHandle
HeapCreate
FileTimeToSystemTime
SetEvent
GetModuleFileNameW
CloseHandle
SetThreadPriority
InterlockedIncrement
HeapSetInformation
FindClose
QueryPerformanceFrequency
RemoveDirectoryW
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
FreeEnvironmentStringsW
GetFileAttributesW
ReadDirectoryChangesW
LeaveCriticalSection
FindFirstFileW
VirtualAlloc
InterlockedExchange
SizeofResource
GlobalAlloc
GetConsoleMode
lstrlenW
ReadFile
LocalFileTimeToFileTime
SetFilePointer
QueryPerformanceCounter
GetEnvironmentStringsW
TlsFree
WriteFile
GetFileTime
FileTimeToLocalFileTime
GetTickCount
VirtualFree
lstrcatA
GetStartupInfoA
GetModuleFileNameA
GetModuleHandleA
LoadLibraryExA
LocalFree
lstrcpyA
RaiseException
GetCurrentProcessId
CreateMutexW
VirtualProtect
GetModuleHandleW
FindResourceW
CreateThread
IsProcessorFeaturePresent
GetConsoleCP
HeapAlloc
ExitThread
FlushInstructionCache
WaitForMultipleObjects
GetProcessHeap
GetCurrentThreadId
SleepEx
GetSystemInfo
MulDiv
SystemTimeToFileTime
CreateEventW
TlsSetValue
GetFileSize
Sleep
LocalAlloc
HeapDestroy
HeapSize
UnhandledExceptionFilter
DeleteFileW
GetCurrentThread
SetHandleCount
FindResourceExW
GetCurrentProcess
VirtualQuery
GetFileType
ExitProcess
GetFileAttributesExW
GlobalFree
InterlockedCompareExchange
FreeLibrary
WaitForSingleObject
MultiByteToWideChar
GetOverlappedResult
FlushFileBuffers
GetACP
GetCommandLineW
SetUnhandledExceptionFilter
RtlUnwind
GlobalLock
GetStartupInfoW
ResumeThread
MoveFileExW

user32

EnableWindow
GetMessageW
CloseClipboard
MessageBeep
GetMessagePos
ScreenToClient
DrawEdge
UnregisterClassW
DrawIconEx
FillRect
IntersectRect
GetWindowRect
CopyRect
UnhookWindowsHookEx
DrawTextW
SetWindowTextW
EnumChildWindows
TranslateAcceleratorW
GetDlgCtrlID
DestroyMenu
GetDlgItem
LoadAcceleratorsW
MapDialogRect
GetMenu
GetParent
CreateWindowExW
GetMenuItemCount
SetTimer
EndDeferWindowPos
RegisterShellHookWindow
AdjustWindowRect
RegisterClassW
IsClipboardFormatAvailable
IsCharAlphaW
GetSystemMetrics
DeregisterShellHookWindow
SendDlgItemMessageW
SetMenuItemInfoW
RegisterClipboardFormatW
GetClientRect
GetWindowThreadProcessId
MonitorFromRect
EmptyClipboard
SetClipboardData
GetMenuItemInfoW
DestroyIcon
PostMessageW
KillTimer
SetWindowsHookExW
UnregisterClassA
IsWindowEnabled
RegisterWindowMessageW
GetClipboardData
CreatePopupMenu
GetWindowDC
GetWindowTextW
OffsetRect
IsChild
GetComboBoxInfo
ShowWindow
SetForegroundWindow
TrackPopupMenu
DefWindowProcW
UnregisterHotKey
SetWindowLongW
GetClassNameW
CheckMenuRadioItem
LoadCursorW
IsDialogMessageW
MapWindowPoints
EndDialog
MsgWaitForMultipleObjects
DialogBoxParamW
CharLowerW
EndPaint
DispatchMessageW
SetFocus
GetWindowLongW
LoadIconW
MoveWindow
SetLayeredWindowAttributes
SetCursor
SetCapture
SetActiveWindow
RegisterClassExW
CharUpperW
GetActiveWindow
GetFocus
GetKeyState
DeferWindowPos
MessageBoxW
DestroyAcceleratorTable
RegisterHotKey
IsIconic
TrackPopupMenuEx
CallNextHookEx
GetScrollInfo
RedrawWindow
SendMessageW
TranslateMessage
GetWindowPlacement
MapVirtualKeyW
GetDC
LoadImageW
GetClassInfoExW
OpenClipboard
CreateDialogParamW
GetSysColor
InvalidateRect
wsprintfW
ReleaseDC
GetMonitorInfoW
EnumThreadWindows
DestroyWindow
CallWindowProcW
UpdateWindow
AdjustWindowRectEx
AppendMenuW
SetWindowPos
SetDlgItemTextW
BeginDeferWindowPos
IsWindowVisible
ClientToScreen
PeekMessageW
AllowSetForegroundWindow
MonitorFromPoint
BeginPaint
WindowFromPoint
PostQuitMessage
EnumWindows

gdi32

SetBkColor
GetTextExtentPoint32W
SetDCBrushColor
GetStockObject
SetWindowOrgEx
GetDeviceCaps
CreateFontIndirectW
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SelectObject
DeleteDC
SetTextColor
SetBkMode
GetObjectW
ExtTextOutW
OffsetWindowOrgEx

advapi32

RegDeleteValueW
CryptDestroyHash
CryptImportKey
CryptVerifySignatureW
CryptReleaseContext
RegOpenKeyW
RegCloseKey
CryptGetHashParam
CryptDestroyKey
RegQueryInfoKeyW
CryptHashData
CryptCreateHash
RegCreateKeyExW
RegEnumKeyExW
CryptAcquireContextW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegEnumValueW

ole32

CreateStreamOnHGlobal
OleSetClipboard
OleGetClipboard
CoCreateInstance
ReleaseStgMedium
OleUninitialize
CoInitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
CoUninitialize

shlwapi

StrCmpLogicalW
SHAutoComplete
ColorHLSToRGB
SHDeleteKeyW

crypt32

CertVerifyRevocation
CertCloseStore
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertFindCertificateInStore
CertOpenSystemStoreW
CertVerifyTimeValidity
CertFreeCertificateContext

iphlpapi

AddIPAddress

secur32

DeleteSecurityContext
FreeCredentialsHandle
QueryContextAttributesW
EncryptMessage
AcquireCredentialsHandleW
DecryptMessage
FreeContextBuffer
ApplyControlToken
InitializeSecurityContextW

oledlg

ord8

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.333w
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xxex
Size: 656KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat
Size: 27KB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16cfeac0b98149fca27e73db854e310c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

crypt32

iphlpapi

secur32

oledlg

Sections

.text Size: 37KB - Virtual size: 36KB

.333w Size: 67KB - Virtual size: 66KB

.xxex Size: 656KB - Virtual size: 656KB

.rdata Size: 9KB - Virtual size: 9KB

.idat Size: 27KB - Virtual size: 5.3MB

.tls Size: 512B - Virtual size: 101B

.rsrc Size: 34KB - Virtual size: 33KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 37KB - Virtual size: 36KB

.333w
Size: 67KB - Virtual size: 66KB

.xxex
Size: 656KB - Virtual size: 656KB

.rdata
Size: 9KB - Virtual size: 9KB

.idat
Size: 27KB - Virtual size: 5.3MB

.tls
Size: 512B - Virtual size: 101B

.rsrc
Size: 34KB - Virtual size: 33KB

.reloc
Size: 9KB - Virtual size: 8KB