3d6a38faf977f1167f00be29d1514d8fe9d93a87228cdbeb7c76afeb8065f716

Sharing

Copy URL

Twitter E-mail

General

Target

3d6a38faf977f1167f00be29d1514d8fe9d93a87228cdbeb7c76afeb8065f716
Size

396KB
MD5

44e273acce21e698a0f6950cafb1f400
SHA1

d0909fc3a62a580e1a4ad1c77ed18239e0aeba3d
SHA256

3d6a38faf977f1167f00be29d1514d8fe9d93a87228cdbeb7c76afeb8065f716
SHA512

a5fabb9c492a6cf0337dce2baadfcafa73539f5dfe67be569af92d8b308ac4c817ed2b67ecfad72d03f0158bf23a78dae3b0881a30be1a362ef7132d68bbf9de
SSDEEP

6144:KASofVhsPQY8Qbw5R4tJ2pSgPp25CEf/AnMZU5tp6/wgIS6VEPsQ5OOz:hSoO8Iwz4KnPo5Xf08Urp64g2EPvB

Score

N/A

Malware Config

Signatures

Files

3d6a38faf977f1167f00be29d1514d8fe9d93a87228cdbeb7c76afeb8065f716
.exe windows x86

26b14ca766a4b88d6454fffc4206e9c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindFirstFileA
GetCurrentThreadId
SetUnhandledExceptionFilter
WriteProcessMemory
GetCurrentThread
GetModuleFileNameA
MultiByteToWideChar
GetVersion
CompareStringA
CompareStringW
lstrlenA
InterlockedExchange
CreateThread
ExitProcess
Sleep
DuplicateHandle
CreateFileA
GetCurrentProcess
CloseHandle
Module32Next
Module32First
GetCurrentProcessId
CreateToolhelp32Snapshot
VirtualProtect
VirtualQuery
OutputDebugStringW
OutputDebugStringA
lstrcpyA
GetProcAddress
FindResourceA
GetModuleHandleA
LoadLibraryA
LoadResource
LockResource
GetLastError
SizeofResource
SetLastError
WideCharToMultiByte
GetTickCount
SetEnvironmentVariableA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
VirtualFree
HeapCreate
MulDiv
GlobalUnlock
GlobalLock
GetVersionExA
lstrcmpW
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
GlobalFree
LocalFree
FormatMessageA
GlobalAlloc
GetModuleFileNameW
InterlockedDecrement
lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
WritePrivateProfileStringA
WaitForSingleObject
FileTimeToSystemTime
FileTimeToLocalFileTime
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetThreadLocale
GlobalFlags
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileTime
SetErrorMode
HeapReAlloc
HeapAlloc
VirtualAlloc
GetSystemInfo
HeapFree
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy

user32

GetWindowPlacement
IntersectRect
CallWindowProcA
DefWindowProcA
CopyRect
EqualRect
AdjustWindowRectEx
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
MessageBoxA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenu
UpdateWindow
SetForegroundWindow
TrackPopupMenu
MapWindowPoints
PeekMessageA
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
DispatchMessageA
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
IsChild
WinHelpA
RegisterWindowMessageA
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
DestroyMenu
GetMenuState
GetWindowThreadProcessId
CheckMenuItem
ModifyMenuA
DrawTextExA
GetSysColor
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
ValidateRect
TranslateMessage
GetMessageA
CharNextA
GetSysColorBrush
UnregisterClassA
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
DrawTextA
TabbedTextOutA
GetWindowTextLengthA
GetNextDlgGroupItem
LoadCursorA
GetCursorPos
KillTimer
GetWindowRect
GetCapture
GetSystemMenu
ReleaseCapture
SetFocus
IsWindowEnabled
ShowWindow
MoveWindow
InvalidateRect
IsZoomed
IsIconic
EnableMenuItem
GetDlgCtrlID
IsWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
SetMenuItemBitmaps
GrayStringA
GetWindow
GetWindowTextA
GetMenuCheckMarkDimensions
GetFocus
CharUpperA
GetSystemMetrics
GetWindowLongA
SetWindowLongA
LoadBitmapA
GetDesktopWindow
IsWindowVisible
LoadIconA
DrawIcon
SetCursor
RedrawWindow
FindWindowA
InflateRect
ScreenToClient
SetWindowPos
WindowFromPoint
SetCapture
OffsetRect
DestroyIcon
SetTimer
SendMessageA
ClientToScreen
SystemParametersInfoA
PostMessageA
EnableWindow
GetKeyState
PtInRect
GetParent
SetRect
GetActiveWindow
DrawIconEx
SetMenuDefaultItem
SetWindowRgn
GetClientRect

gdi32

DeleteObject
GetWindowExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
GetViewportExtEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
GetClipBox
SetMapMode
CreateRoundRectRgn
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
SetTextColor
SetBkMode
SetBkColor
RestoreDC
TextOutA
GetRgnBox
GetMapMode
CreateRectRgnIndirect
GetTextColor
GetBkColor
SaveDC
GetDeviceCaps
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
BitBlt
GetStockObject
StretchBlt
CreateRectRgn
GetPixel
CombineRgn

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA

shell32

ShellExecuteA

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter
OleFlushClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
OleIsCurrentClipboard
OleUninitialize

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

ws2_32

WSAStartup

netapi32

Netbios

snmpapi

SnmpUtilVarBindFree
SnmpUtilOidNCmp
SnmpUtilOidCpy

dbghelp

ImageDirectoryEntryToData

oleacc

CreateStdAccessibleObject
LresultFromObject

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comdlg32

GetFileTitleA

oleaut32

SysAllocStringByteLen
OleCreateFontIndirect
VariantCopy
SysFreeString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
SysAllocString
VariantInit
VariantChangeType
VariantClear

Exports

Exports

?AfxGetMacAddress@@YA?AV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@AAV12@@Z
?AfxPrintAllMacList@@YAXXZ

Sections

.text
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

26b14ca766a4b88d6454fffc4206e9c5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

shlwapi

oledlg

ws2_32

netapi32

snmpapi

dbghelp

oleacc

winspool.drv

comdlg32

oleaut32

Exports

Exports

Sections

.text Size: 236KB - Virtual size: 236KB

.rdata Size: 64KB - Virtual size: 60KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 236KB - Virtual size: 236KB

.rdata
Size: 64KB - Virtual size: 60KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 80KB - Virtual size: 80KB