4b1036c2e2486b4980799a9e15519bf04cadaf103074da65595b4dca76e1d356

Sharing

Copy URL

Twitter E-mail

General

Target

4b1036c2e2486b4980799a9e15519bf04cadaf103074da65595b4dca76e1d356
Size

626KB
MD5

0016e24df3661e238cdc5aa1145d8dd0
SHA1

51fcc4262641171106273fc8a3096e0c8ab28ecf
SHA256

4b1036c2e2486b4980799a9e15519bf04cadaf103074da65595b4dca76e1d356
SHA512

7f403c57cb9c8bc9d4386eae5d45860e820ce269f853fe23b108906228b34b02c282e61005567b0ebee87a70cc52aabadc9297d58934d0985da5c3e6ef72fac1
SSDEEP

12288:WUdab0/brjQS8y9cIPtGhkjZs60Mnnk8/aDaHAV:Wjg/3XRjZs60Mk

Score

N/A

Malware Config

Signatures

Files

4b1036c2e2486b4980799a9e15519bf04cadaf103074da65595b4dca76e1d356
.exe windows x86

ec9088492cb4a95f28ca4cb961fa9820

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
TerminateProcess
GetTempPathW
GetTempFileNameW
WriteFile
CreateFileW
GetFileType
GetFileSize
ReadFile
CreateDirectoryW
GetFileAttributesW
Sleep
GetDateFormatW
GetTimeFormatW
FindFirstFileW
FindNextFileW
FindClose
GetFullPathNameW
GetLocalTime
DeleteFileW
LockResource
GlobalHandle
GlobalFree
CompareStringW
GetLocaleInfoA
GetModuleFileNameA
GetFileAttributesA
FormatMessageW
FormatMessageA
CreateDirectoryA
CompareStringA
FreeResource
SetUnhandledExceptionFilter
GlobalAlloc
lstrcmpW
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
lstrlenA
LoadLibraryW
GetProcAddress
GetUserDefaultLCID
GetLocaleInfoW
CreateFileMappingW
OutputDebugStringW
MapViewOfFile
CreateEventW
CreateMutexW
DuplicateHandle
GetCurrentProcessId
GetModuleFileNameW
CreateProcessW
GetSystemDirectoryW
WaitForSingleObject
SetEvent
ReleaseMutex
CloseHandle
UnmapViewOfFile
GetCommandLineW
lstrcmpiW
InterlockedIncrement
RaiseException
GetLastError
lstrcpyW
lstrlenW
MultiByteToWideChar
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetVersionExW
lstrcpynW
GlobalLock
GlobalUnlock
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
HeapDestroy
InitializeCriticalSection
DeleteCriticalSection
GetComputerNameExW
SetLastError
LocalFree
LocalAlloc
InterlockedExchange
LoadLibraryA
InterlockedDecrement
GetVersionExA
OpenProcess
GetStartupInfoW
WideCharToMultiByte

msvcrt

wcscpy
wcslen
wcschr
_ftime64
??2@YAPAXI@Z
_snwprintf
_vsnwprintf
_ltow
wcspbrk
wcsstr
_purecall
memmove
realloc
free
??3@YAXPAX@Z
iswalpha
malloc
wcsrchr
wcsncpy
wcsspn
_wcsnicmp
wcsncat
swprintf
_wcsicmp
wcscmp
wcscat
wcsncmp
_wtol
_itow
_wtoi
swscanf
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm

advapi32

DeregisterEventSource
RegQueryValueExW
RegQueryValueW
RegEnumKeyW
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyW
ReportEventW
RegisterEventSourceW
RegSetValueW
RegEnumKeyExW

gdi32

Rectangle
SetBkMode
ExtTextOutW
CreateFontIndirectW
SetStretchBltMode
StretchBlt
SetTextColor
SetBkColor
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetObjectW
GetDeviceCaps
GetTextExtentPoint32W
SetDCBrushColor
GdiFlush
GetStockObject
DeleteObject
CreatePen
SetROP2

user32

GetWindowTextA
GetWindowThreadProcessId
GetWindowPlacement
SystemParametersInfoA
GetCursor
GetClassLongW
WinHelpW
CharLowerBuffW
WaitMessage
UnregisterClassW
RegisterClassW
GetWindowTextLengthA
SendMessageA
LoadStringA
SetScrollInfo
GetScrollInfo
SetCursor
GetKeyState
IsDialogMessageW
GetMenuState
EqualRect
InsertMenuW
FlashWindow
IsIconic
TranslateAcceleratorW
DeleteMenu
CheckMenuRadioItem
CheckMenuItem
GetMenu
GetMenuItemCount
GetMenuItemID
InsertMenuItemW
FindWindowExW
GetNextDlgTabItem
LoadIconW
InflateRect
DrawTextW
GetSubMenu
EnableMenuItem
TrackPopupMenuEx
DestroyMenu
EnumDesktopWindows
IsRectEmpty
ShowScrollBar
CreateDialogIndirectParamW
SetParent
GetSystemMetrics
KillTimer
SetTimer
ClientToScreen
GetMessageTime
GetCapture
GetCursorPos
IsWindowEnabled
ScreenToClient
ChildWindowFromPointEx
EnableWindow
CopyRect
MoveWindow
GetActiveWindow
MessageBeep
DialogBoxIndirectParamW
DialogBoxParamW
GetLastActivePopup
UpdateWindow
OffsetRect
IntersectRect
SetRect
SetForegroundWindow
GetWindowTextLengthW
CreateAcceleratorTableW
SystemParametersInfoW
MapWindowPoints
GetWindowTextW
SetWindowTextW
EndDialog
GetParent
GetClassNameW
RedrawWindow
BeginPaint
FillRect
EndPaint
GetFocus
IsChild
GetWindow
GetDlgItem
GetDesktopWindow
InvalidateRgn
ReleaseDC
GetDC
SetCapture
ReleaseCapture
GetSysColor
CreateDialogParamW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
MessageBoxW
IsWindow
ShowWindow
PostMessageW
CharNextW
GetClientRect
GetWindowRect
SetWindowPos
IsWindowVisible
SetFocus
PostQuitMessage
SetMenuItemInfoW
LoadMenuW
LoadAcceleratorsW
SendMessageW
InvalidateRect
CallWindowProcW
GetWindowLongW
SetWindowLongW
DefWindowProcW
CreateWindowExW
DestroyIcon
GetClassInfoExW
LoadCursorW
LoadImageW
RegisterClassExW
LoadStringW
wsprintfW
DestroyWindow
PostThreadMessageW
RegisterWindowMessageW
RegisterWindowMessageA

ole32

ReleaseStgMedium
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
StringFromCLSID
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoUninitialize
CoInitialize
RevokeDragDrop
RegisterDragDrop
CoCreateInstanceEx
CoSuspendClassObjects

oleaut32

SysAllocString
LoadTypeLi
RegisterTypeLi
SysStringLen
VarUI4FromStr
LoadRegTypeLi
SysAllocStringLen
VariantClear
VariantChangeType
OleCreatePropertyFrame
DispCallFunc
VariantInit
GetErrorInfo
SysFreeString

comctl32

ImageList_Destroy
InitCommonControlsEx
PropertySheetW
CreatePropertySheetPageW
ImageList_LoadImageW
ImageList_Create
ImageList_ReplaceIcon
CreateStatusWindowW

winmm

mixerGetID
waveInGetDevCapsA
waveInGetNumDevs
mixerGetNumDevs
mixerGetDevCapsW
mixerOpen
mixerGetLineInfoW
mixerGetLineControlsW
mixerClose
mixerGetControlDetailsW
mixerSetControlDetails

imm32

ImmAssociateContext

ws2_32

WSAStringToAddressW

Sections

.text
Size: 397KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 182KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ec9088492cb4a95f28ca4cb961fa9820

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

gdi32

user32

ole32

oleaut32

comctl32

winmm

imm32

ws2_32

Sections

.text Size: 397KB - Virtual size: 396KB

.data Size: 46KB - Virtual size: 60KB

.rsrc Size: 182KB - Virtual size: 183KB

.text
Size: 397KB - Virtual size: 396KB

.data
Size: 46KB - Virtual size: 60KB

.rsrc
Size: 182KB - Virtual size: 183KB