74872a2f834451065a96b00f8eb32597b604611038039038a51e15c7e35575c4

Sharing

Copy URL Twitter E-mail

General

Target

74872a2f834451065a96b00f8eb32597b604611038039038a51e15c7e35575c4
Size

608KB
MD5

354c47443a16ad93361ffd9cabb433a0
SHA1

3e613b0101a86e87ee39507dd432e14817ca427c
SHA256

74872a2f834451065a96b00f8eb32597b604611038039038a51e15c7e35575c4
SHA512

6ed1f4aa89d628005e37c843548e3787756956f4117c72804cddf965c85f723ab242298a2c03ddf6592e748ae7bcd532995ba8e0071127ee1ec3953d34234f81
SSDEEP

12288:w+WBpsV6dzukntcEHk+TsycKxUs0fWjHK:w+WBpBNukntcaT6KxUs0ujHK

Score

N/A

Malware Config

Signatures

Files

74872a2f834451065a96b00f8eb32597b604611038039038a51e15c7e35575c4
.exe windows x86

298be3f3b4bef6caa04b587ab1f49e7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW
InternetErrorDlg
HttpSendRequestW
InternetOpenUrlW
HttpOpenRequestW
InternetCloseHandle
InternetQueryOptionW
HttpOpenRequestA
HttpQueryInfoW
InternetReadFile
HttpSendRequestA
InternetConnectW

urlmon

UrlMkGetSessionOption
CoInternetSetFeatureEnabled

kernel32

GlobalUnlock
GetLastError
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
LoadLibraryW
GetProcAddress
lstrlenA
GetModuleHandleW
GetFileSize
ReadFile
CreateProcessW
VirtualQuery
lstrcmpiA
MoveFileExW
GetCurrentThread
FreeResource
WriteFile
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
MulDiv
lstrcpyW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
FreeLibrary
LoadLibraryExW
TerminateProcess
WaitForSingleObject
SetFilePointer
VirtualAlloc
GetModuleHandleA
UnmapViewOfFile
LocalFree
MapViewOfFileEx
CreateFileMappingW
Sleep
InterlockedCompareExchange
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
GlobalAlloc
VirtualProtect
GetStringTypeW
lstrcmpW
GlobalLock
HeapAlloc
HeapFree
GetProcessHeap
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
HeapDestroy
HeapReAlloc
HeapSize
IsDebuggerPresent
CreateThread
ExitThread
GetSystemTimeAsFileTime
GetCommandLineW
RtlUnwind
GetCPInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetStdHandle
IsValidCodePage
GetACP
GetOEMCP
GetFileType
lstrcmpiW
lstrcpynW
FlushInstructionCache
SetLastError
RaiseException
LeaveCriticalSection
EnterCriticalSection
SetUnhandledExceptionFilter
GetLocalTime
GetTempPathW
CloseHandle
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
UnhandledExceptionFilter
lstrlenW
FindResourceExW
EncodePointer
FindResourceW
LoadResource
LockResource
SizeofResource
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
ReadConsoleW
OutputDebugStringW
SetStdHandle
WriteConsoleW
SetEndOfFile
VirtualFree
DecodePointer

user32

SetForegroundWindow
BringWindowToTop
DestroyWindow
IsWindowVisible
GetWindow
MonitorFromWindow
GetWindowRect
MapWindowPoints
DialogBoxParamW
RegisterClipboardFormatW
PostMessageW
SendNotifyMessageW
GetDlgCtrlID
GetFocus
GetMonitorInfoW
MonitorFromPoint
DestroyMenu
GetForegroundWindow
TrackPopupMenu
CreatePopupMenu
AttachThreadInput
GetWindowThreadProcessId
DestroyAcceleratorTable
GetDesktopWindow
SetFocus
GetKeyState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ClientToScreen
GetWindowTextLengthW
GetWindowTextW
ScreenToClient
SetTimer
SetWindowTextW
KillTimer
GetParent
SetCursor
ReleaseDC
InvalidateRgn
FillRect
ReleaseCapture
SetCapture
CreateAcceleratorTableW
RedrawWindow
CharNextW
GetClassNameW
IsWindow
GetDlgItem
IsChild
RegisterWindowMessageW
DispatchMessageW
EnumChildWindows
RealGetWindowClassW
InsertMenuW
CheckMenuItem
UnregisterClassW
GetSystemMenu
GetSystemMetrics
LoadImageW
FindWindowW
PeekMessageW
GetMessageW
AppendMenuW
TranslateMessage
GetSysColor
TrackMouseEvent
CopyRect
SendMessageW
GetDC
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
SetLayeredWindowAttributes
ShowWindow
WindowFromPoint
SetWindowPos
GetCursorPos
wsprintfW
MessageBoxW
PtInRect
DrawTextW
EndPaint
BeginPaint
SystemParametersInfoW
SetRect
MoveWindow
InvalidateRect
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
GetClientRect
IsIconic
GetMenuItemInfoW

gdi32

GetDeviceCaps
Rectangle
CreateSolidBrush
CreatePen
MoveToEx
LineTo
GetStockObject
GetTextExtentPoint32W
SetTextColor
SetBkMode
ExtTextOutW
SetBkColor
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetViewportOrgEx
DeleteDC
GetObjectW
DeleteObject
CreateFontIndirectW

advapi32

GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSecurityDescriptorLength
GetSecurityDescriptorControl
MakeSelfRelativeSD
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
GetSecurityDescriptorOwner

shell32

CommandLineToArgvW
ShellExecuteW
SHCreateDirectoryExW

ole32

CreateStreamOnHGlobal
ProgIDFromCLSID
CoTaskMemRealloc
CLSIDFromString
RegisterDragDrop
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
OleLockRunning
CoCreateInstance
CoGetClassObject
CLSIDFromProgID
OleInitialize

oleaut32

SafeArrayAccessData
VariantInit
SysAllocStringLen
VarUI4FromStr
VariantClear
SysFreeString
SysAllocString
OleCreateFontIndirect
SysStringLen
LoadRegTypeLi
SafeArrayDestroy
SafeArrayCopy
SafeArrayGetVartype
SafeArrayUnaccessData
SafeArrayCreateVector
LoadTypeLi

shlwapi

StrCmpIW
PathAppendW
StrCmpNIW
PathFindExtensionW
StrStrIW
PathFileExistsW
SHRegGetPathW
PathFindFileNameW
PathCombineW
StrCmpW

dbghelp

MiniDumpWriteDump

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

gdiplus

GdipImageSelectActiveFrame
GdipFree
GdipDisposeImage
GdipAlloc
GdipDeleteGraphics
GdipCreateFromHWND
GdipCloneImage
GdipLoadImageFromStreamICM
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCreateFromHDC
GdipDrawImageRectI
GdiplusStartup
GdipDrawImageI

iphlpapi

GetAdaptersAddresses

Sections

.text
Size: 367KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 85KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

arctrom
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

298be3f3b4bef6caa04b587ab1f49e7a

Headers

DLL Characteristics

File Characteristics

Imports

wininet

urlmon

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

dbghelp

version

gdiplus

iphlpapi

Sections

.text Size: 367KB - Virtual size: 366KB

.rdata Size: 98KB - Virtual size: 97KB

.data Size: 32KB - Virtual size: 53KB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 85KB - Virtual size: 86KB

arctrom Size: - Virtual size: 4KB

.text
Size: 367KB - Virtual size: 366KB

.rdata
Size: 98KB - Virtual size: 97KB

.data
Size: 32KB - Virtual size: 53KB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 85KB - Virtual size: 86KB

arctrom
Size: - Virtual size: 4KB