1b04251dc2b1fe2b74e5689dd6cded28cac0b5c2f204fd5131bc7ea612e4a5bb

Sharing

Copy URL

Twitter E-mail

General

Target

1b04251dc2b1fe2b74e5689dd6cded28cac0b5c2f204fd5131bc7ea612e4a5bb
Size

1.0MB
MD5

019317c808492218f75a11d04c72d780
SHA1

3b8cb6bb63ec800043aad088fbef67c8923f80ef
SHA256

1b04251dc2b1fe2b74e5689dd6cded28cac0b5c2f204fd5131bc7ea612e4a5bb
SHA512

30d72e669c536d77e0d2815ba9610ca253cda3180ae8ea4db86ac8b4e31ae3b7dfd88a305d395d1707cf9416a384d60b2d4ab9af0632c15c9fdecc71dc06ee1a
SSDEEP

24576:sGt+igEhxI9qg8RVMdEU5vNYGp7oS7C+/k5QS:eWsqjzMdNNY7x

Score

N/A

Malware Config

Signatures

Files

1b04251dc2b1fe2b74e5689dd6cded28cac0b5c2f204fd5131bc7ea612e4a5bb
.exe windows x86

8477b749dc3bf7a1075fbcde2eab224d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
SetLastError
UnmapViewOfFile
GetLocalTime
MapViewOfFile
GetFileType
SetFilePointer
SetEndOfFile
GetFileSize
ReadFile
WriteFile
FlushFileBuffers
CompareFileTime
SetThreadPriority
Sleep
CreateMutexA
CreateMutexW
CreateFileA
CreateFileW
CreateFileMappingA
CreateFileMappingW
GetFullPathNameA
GetFullPathNameW
GetLongPathNameA
GetLongPathNameW
LCMapStringA
LCMapStringW
DeleteFileA
GetDriveTypeA
GetDriveTypeW
GetTempFileNameA
GetTempFileNameW
GetFileAttributesA
ReleaseMutex
CreateEventA
GetModuleFileNameW
GetLocaleInfoW
LoadLibraryA
MoveFileW
GetTempPathA
FindFirstFileA
GetModuleHandleA
CreateDirectoryW
RemoveDirectoryW
GetPrivateProfileStringW
GetVersionExA
InterlockedExchange
IsValidLocale
GetVolumeInformationW
SetErrorMode
GetWindowsDirectoryW
GetSystemDirectoryW
FreeLibrary
GetProcAddress
GetExitCodeThread
GetFileAttributesExW
DeviceIoControl
GetVersion
QueryDosDeviceW
GetUserGeoID
HeapAlloc
lstrcmpiW
GetTimeFormatW
GetUserDefaultLangID
GetSystemInfo
SystemTimeToFileTime
CopyFileW
ExitProcess
GetSystemTime
CreateEventW
WaitForMultipleObjects
SetEvent
GetProcessHeap
HeapFree
CreateThread
WaitForSingleObject
GetModuleHandleW
GetUserDefaultLCID
GetDateFormatW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GlobalSize
RaiseException
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
GetFileAttributesW
CloseHandle
FindResourceW
LoadResource
LockResource
LocalFree
MultiByteToWideChar
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
HeapDestroy
FindClose
FindNextFileW
FindFirstFileW
SetFileAttributesW
DeleteFileW
LoadLibraryW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedCompareExchange
DebugBreak
WideCharToMultiByte
GetVersionExW
GetThreadLocale
CompareStringW
GetLastError
GetStartupInfoW
GetWindowsDirectoryA
GetACP
lstrcpyA
lstrcatA
FileTimeToSystemTime
TerminateProcess
GetCurrentProcess
lstrlenW
lstrlenA
lstrcpynW
UnhandledExceptionFilter
SetUnhandledExceptionFilter

msvcrt

bsearch
_ultow
wcscmp
wcstombs
_wcsupr
iswspace
memmove
towupper
towlower
??2@YAPAXI@Z
wcsspn
_controlfp
_onexit
__dllonexit
__set_app_type
__p__fmode
wcsstr
wcsrchr
wcsncmp
_wcsnicmp
_except_handler3
??3@YAXPAX@Z
_c_exit
_exit
_XcptFilter
_cexit
exit
wcscspn
__wgetmainargs
_initterm
strncpy
_stricmp
swprintf
atol
qsort
abs
rand
wcscat
malloc
free
srand
_beginthreadex
wcscpy
wcsncpy
strchr
isspace
toupper
realloc
_strnicmp
_vsnprintf
ceil
isdigit
isxdigit
iswcntrl
__CxxFrameHandler
memcpy
_snwprintf
memset
__setusermatherr
_wtol
_vsnwprintf
_wcsicmp
wcschr
wcspbrk
iswascii
_adjust_fdiv
_wcmdln
atoi
memcmp
floor
wcstoul
_wtoi64
iswalnum
_wtoi
iswdigit
wcslen
swscanf
_purecall
_CIpow
__p__commode

advapi32

SetFileSecurityW
GetSecurityDescriptorLength
GetSecurityDescriptorControl
IsValidSecurityDescriptor
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegQueryInfoKeyW
RegEnumKeyA
GetUserNameA
RegEnumValueW
RegSetValueExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
GetFileSecurityW

shlwapi

PathUndecorateW
PathGetCharTypeA
PathRemoveBackslashW
PathRemoveFileSpecW
UrlCombineW
PathMakeSystemFolderW
PathGetCharTypeW

ole32

CoUninitialize
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
OleSaveToStream
OleLoadFromStream
PropVariantCopy
GetHGlobalFromStream
StringFromGUID2
CoInitializeEx
CoGetMalloc
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoCreateGuid
PropVariantClear
StringFromIID
CoCreateInstance
StringFromCLSID
CoTaskMemFree
CLSIDFromString
CoReleaseMarshalData
CoUnmarshalInterface
CreateStreamOnHGlobal
CoMarshalInterface

oleaut32

GetErrorInfo
SysStringByteLen
SysAllocString
SysStringLen
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VariantCopy
VariantInit
SysAllocStringByteLen
VariantClear
SysFreeString

gdi32

DeleteDC
DeleteObject
GetObjectW
CreateDIBSection
GetDIBColorTable
SelectObject
GetObjectA
GetObjectType
SetDIBColorTable
CreateICW
GetDeviceCaps
StretchBlt
MaskBlt
StretchDIBits
SetDIBitsToDevice
RectVisible
CreateCompatibleDC

user32

GetDesktopWindow
CreateWindowExW
CharNextW
GetSystemMetrics
GetMessageA
SetTimer
TranslateMessage
KillTimer
PostThreadMessageA
MessageBoxW
MsgWaitForMultipleObjects
DispatchMessageW
GetWindowLongW
SendMessageW
GetCursorPos
PtInRect
OffsetRect
WindowFromDC
CopyRect
MonitorFromRect
GetMonitorInfoW
DestroyWindow
UnregisterClassW
IsWindow
wsprintfA
PeekMessageW
CharNextA
MapWindowPoints

comctl32

InitCommonControlsEx

shell32

SHChangeNotify
SHParseDisplayName
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHFileOperationW

mpr

WNetAddConnection2W
WNetGetConnectionW
WNetCancelConnection2W

urlmon

CoGetClassObjectFromURL
CreateURLMoniker
CreateAsyncBindCtx

winmm

mmioOpenW
mmioSeek
mmioDescend
mmioAscend
mmioRead
mmioClose
timeBeginPeriod
timeEndPeriod
timeGetTime

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

InternetCrackUrlW
InternetQueryOptionA
UnlockUrlCacheEntryFileW
InternetSetOptionA
RetrieveUrlCacheEntryFileW

avifil32

AVIFileInfoW
AVIFileRelease
AVIFileOpenW
AVIFileInit
AVIFileExit
AVIFileAddRef
AVIStreamRelease
AVIStreamSampleToTime
AVIStreamLength
AVIStreamReadFormat
AVIStreamInfoW
AVIFileGetStream

msimg32

TransparentBlt

Sections

.text
Size: 824KB - Virtual size: 821KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8477b749dc3bf7a1075fbcde2eab224d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

shlwapi

ole32

oleaut32

gdi32

user32

comctl32

shell32

mpr

urlmon

winmm

version

wininet

avifil32

msimg32

Sections

.text Size: 824KB - Virtual size: 821KB

.data Size: 136KB - Virtual size: 153KB

.rsrc Size: 4KB - Virtual size: 992B

.text Size: 64KB - Virtual size: 64KB

.text
Size: 824KB - Virtual size: 821KB

.data
Size: 136KB - Virtual size: 153KB

.rsrc
Size: 4KB - Virtual size: 992B

.text
Size: 64KB - Virtual size: 64KB