daf14e6751504d4d9cd5a45434761508939df44994e508bd70dc93eb72606368

Sharing

Copy URL Twitter E-mail

General

Target

daf14e6751504d4d9cd5a45434761508939df44994e508bd70dc93eb72606368
Size

734KB
MD5

6a9a60761e9b8b7a6c818fe07adc3990
SHA1

36756de92e398ee524e879f1763525b749630371
SHA256

daf14e6751504d4d9cd5a45434761508939df44994e508bd70dc93eb72606368
SHA512

bd33fdaea038f0b5f83ad48b77592141123400d31db172bf1efbffb8f4b044ec43c0dcf1b9fe41609fff9614e452e3e99cf8ff94e200e7f765b966277b8c9b5f
SSDEEP

12288:mkjM4eb5LfUD2ytk6FttDpMawaiMFJ2HF4P6IEiSPWNcgF:mF4SDUD24JVplfi2JSDI1

Score

N/A

Malware Config

Signatures

Files

daf14e6751504d4d9cd5a45434761508939df44994e508bd70dc93eb72606368
.exe windows x86

3890bf3fea70707f5507e57b404bc6b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExW
ord155
SHGetMalloc
Shell_NotifyIconW
SHBrowseForFolderW
SHGetSpecialFolderLocation
DragAcceptFiles
SHGetDesktopFolder

comctl32

ImageList_Create
ImageList_GetIcon
InitCommonControlsEx
ImageList_ReplaceIcon

wininet

InternetOpenA
HttpSendRequestExA
HttpAddRequestHeadersA
InternetCrackUrlA
HttpOpenRequestA
InternetAttemptConnect
InternetCanonicalizeUrlA
HttpEndRequestA
InternetSetStatusCallback
InternetCloseHandle
HttpSendRequestA
InternetWriteFile
InternetSetFilePointer
InternetConnectA
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoA
InternetGetConnectedState
InternetGetLastResponseInfoA

mfc42

ord1576

gdi32

MoveToEx
SetWorldTransform
PatBlt
StretchBlt
Rectangle
RoundRect
ExcludeClipRect
Escape
PtInRegion
GetStockObject
GetDeviceCaps
SetROP2
CreateSolidBrush
CreateDIBSection
GetObjectW
CreateDCW
DeleteDC

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

kernel32

GetModuleFileNameA
TlsGetValue
GetTickCount
CloseHandle
SetEnvironmentVariableA
GetConsoleCP
CompareStringA
GetModuleHandleA
GetCurrentThreadId
ReadFile
VirtualAlloc
GetTimeZoneInformation
RtlUnwind
InterlockedIncrement
LoadLibraryW
HeapCreate
CreateMutexW
LoadLibraryA
MultiByteToWideChar
SetUnhandledExceptionFilter
GetACP
IsValidCodePage
GetEnvironmentStringsW
GetDateFormatA
GetProcAddress
WriteFile
WriteConsoleA
WriteConsoleW
GetCPInfo
SetHandleCount
TlsSetValue
GetOEMCP
GetConsoleMode
HeapFree
GetCurrentProcess
FreeEnvironmentStringsA
GetLastError
GetEnvironmentStrings
GetCurrentProcessId
VirtualQuery
GetStringTypeW
HeapSize
GetCommandLineA
SetStdHandle
CompareStringW
GetStartupInfoW
InterlockedExchange
GetLocaleInfoA
GetModuleHandleW
HeapReAlloc
GetFileType
GetModuleFileNameW
SetLastError
GetStringTypeA
InterlockedDecrement
VirtualFree
GetStdHandle
CreateFileA
RaiseException
GetStartupInfoA
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
TlsFree
FreeEnvironmentStringsW
DeleteCriticalSection
TlsAlloc
GetTimeFormatA
HeapAlloc
GetProcessHeap
GetConsoleOutputCP
GetSystemTimeAsFileTime
Sleep
InitializeCriticalSection
TerminateProcess
GetVersionExA
LCMapStringW
HeapDestroy
IsDebuggerPresent
QueryPerformanceCounter
ExitProcess
LCMapStringA
FlushFileBuffers
UnhandledExceptionFilter
WideCharToMultiByte
GetCommandLineW

user32

LoadIconW
RemoveMenu
GetWindowTextA
GetDlgItemInt
IsClipboardFormatAvailable
EnumChildWindows
GetWindow
SystemParametersInfoW
DestroyIcon
GetCapture
CallWindowProcW
wsprintfW
IsIconic
GetWindowRect
LoadStringW
MessageBoxW
ReleaseCapture
PtInRect
DrawFrameControl
DispatchMessageW
CloseClipboard
UnpackDDElParam
FillRect
OffsetRect
GetActiveWindow
DefWindowProcW
SetTimer
DestroyMenu
DestroyWindow
CreateWindowExW
SetActiveWindow
GetClientRect
ShowWindow
RegisterClassExW
LoadCursorW
InvalidateRect
RegisterClassW
GetSysColor
GetSysColorBrush

oleaut32

LoadTypeLi

advapi32

SetServiceStatus
RegOpenKeyExW
OpenProcessToken
RegQueryValueExA
RegCreateKeyExA
RegSetValueExW
RegOpenKeyExA
InitializeSecurityDescriptor
RegDeleteKeyA
RegCloseKey
RegDeleteKeyW
DeleteService

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 467KB - Virtual size: 467KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3890bf3fea70707f5507e57b404bc6b4

Headers

File Characteristics

Imports

shell32

comctl32

wininet

mfc42

gdi32

winspool.drv

kernel32

user32

oleaut32

advapi32

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 467KB - Virtual size: 467KB

.data Size: 102KB - Virtual size: 101KB

.rsrc Size: 45KB - Virtual size: 45KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 467KB - Virtual size: 467KB

.data
Size: 102KB - Virtual size: 101KB

.rsrc
Size: 45KB - Virtual size: 45KB