a0d5ce54639c29409d60d5efba4551bec0e6200acf823ce60052de4beca716e4

Sharing

Copy URL

Twitter E-mail

General

Target

a0d5ce54639c29409d60d5efba4551bec0e6200acf823ce60052de4beca716e4
Size

142KB
MD5

6db039a90d80fe78d73b419bf651d51b
SHA1

2b8b73e777650100c80e06a7588ea77cafbde061
SHA256

a0d5ce54639c29409d60d5efba4551bec0e6200acf823ce60052de4beca716e4
SHA512

cdc3a9bde3469511919404a74650112959cb8e9c631695ae5180bf43ea264ada375fcd6e62a218491a77ba8cd619909268959510e053218e2a6acf3544cade13
SSDEEP

3072:GI+4b9pOwqivyZblBKwpD5TrXvmLrEgYBYQklTUFAO8PVTd8:1GwnvyZblBKwpD5TrXvmcB56Ug

Score

N/A

Malware Config

Signatures

Files

a0d5ce54639c29409d60d5efba4551bec0e6200acf823ce60052de4beca716e4
.exe windows x86

bc9f71214dd839af6c48243d7e8aa12a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapFree
ExitProcess
VirtualProtectEx
LocalFree
GetComputerNameA
GetSystemTime
WaitForSingleObject
GetCurrentThread
CreateMutexA
Sleep
InitializeCriticalSection
GetModuleHandleA
SystemTimeToFileTime
LoadResource
FormatMessageA
RemoveDirectoryA
GetLastError
GetProcAddress
GetLocaleInfoA
MoveFileA
SetEndOfFile
FindResourceA
GlobalFree
InterlockedExchange
GetSystemInfo
GetFileTime
UnmapViewOfFile
LocalAlloc
SetThreadPriority
GetVersionExA
MapViewOfFile
GetTempPathA
GlobalUnlock
lstrcatA
ResumeThread
GetVersion
LockResource
GetDiskFreeSpaceA
lstrlenW
GetCurrentThreadId
GetTickCount
lstrcmpA
GetFileAttributesA
WritePrivateProfileStringA
CloseHandle
InterlockedIncrement
GetPrivateProfileStringA
SetFileAttributesA
FileTimeToSystemTime
IsBadReadPtr
GlobalLock
CreateFileMappingA
DeleteCriticalSection
HeapDestroy
MultiByteToWideChar
GetThreadPriority
LoadLibraryA
GlobalMemoryStatus
lstrlenA
CreateProcessA
WriteFile
SetFileTime
GetStartupInfoA
GetVolumeInformationA
CreateFileA
GetDriveTypeA
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
EnterCriticalSection
SetFilePointer
InterlockedDecrement
GetFileSize
ReadFile
lstrcpyA
GlobalAlloc
GetProcessHeap

user32

SetMenuItemInfoA
GetDesktopWindow
GetCapture
ClientToScreen
GetClientRect
PostQuitMessage
IsZoomed
GetTopWindow
SetCapture
SetWindowContextHelpId
MapDialogRect
EqualRect
LoadBitmapA
SetWindowLongA
GetMessagePos
PostThreadMessageA
SendMessageA
GetKeyState
IsRectEmpty
LockWindowUpdate
WaitMessage
LoadMenuA
InflateRect
RemoveMenu
GetCursorPos
CreateWindowExA
PostMessageA
SetTimer
GetMenu
GetSubMenu
DrawFrameControl
EnableMenuItem
CreatePopupMenu
SetRect
UnionRect
GetMessageA
GetSystemMetrics
DrawTextA
ReleaseDC
LoadImageA
ReleaseCapture
ShowCaret
UnhookWindowsHookEx
InvalidateRect
wvsprintfA
IsIconic
GetDC
RegisterClipboardFormatA
HideCaret
PtInRect
SetCursor
DestroyCaret
UpdateWindow
KillTimer
DeferWindowPos
GetMenuItemInfoA
GetMenuStringA
CopyRect
IntersectRect
BeginDeferWindowPos
SetCaretPos
IsMenu
GetDCEx
TrackPopupMenu
AdjustWindowRectEx
GetMenuItemID
AppendMenuA
InsertMenuA
DrawIconEx
OffsetRect
WindowFromPoint
PeekMessageA
RegisterWindowMessageA
GetWindow
SetWindowPos
RedrawWindow
GetSysColor
GetParent
GetSystemMenu
CheckMenuItem
GetDlgCtrlID
LoadCursorA
GetWindowLongA
GetMenuState
MessageBoxA
FillRect
SetRectEmpty
SetForegroundWindow
GetClassLongA
DeleteMenu
GetWindowRect
ModifyMenuA
BringWindowToTop
CallNextHookEx
GetMenuDefaultItem
GetMenuItemCount
CreateCaret
MapWindowPoints
SetWindowsHookExA
EnableWindow
SystemParametersInfoA
ScreenToClient
IsWindowVisible
SetMenuDefaultItem
GetNextDlgTabItem
SetParent
IsWindow
DispatchMessageA
DestroyMenu
DrawEdge
FlashWindow
EndDeferWindowPos
GetActiveWindow

gdi32

SetBitmapBits
CreateRectRgn
GetBitmapBits
DeleteDC
Polygon
GetStockObject
StretchDIBits
BitBlt
RectInRegion
SetTextColor
CreatePatternBrush
StretchBlt
PatBlt
GetCurrentObject
GetDIBits
DeleteObject
ExtTextOutA
CreateSolidBrush
CreateCompatibleBitmap
CreateFontIndirectA
CreateCompatibleDC
CreateRectRgnIndirect
GetTextExtentPointA
SelectObject
CreateDCA
GetDeviceCaps
GetTextMetricsA
SetDIBits
CombineRgn
CreateDIBitmap
GetObjectA
CreateBitmap
TextOutA
Rectangle
GetTextExtentPoint32A

advapi32

RegSetKeySecurity
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegConnectRegistryA
RegQueryInfoKeyA
RegSaveKeyA
RegSetValueExA
RegLoadKeyA
RegGetKeySecurity
RegReplaceKeyA
RegQueryValueExA
RegEnumKeyExA
RegRestoreKeyA
RegDeleteValueA
RegNotifyChangeKeyValue
RegUnLoadKeyA
RegCreateKeyExA
RegFlushKey

shell32

SHBrowseForFolderA
SHFileOperationA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CoCreateGuid
CoGetClassObject
CLSIDFromString
CoTaskMemFree
StringFromCLSID
StringFromGUID2
CoUninitialize
CoInitialize

oleaut32

SysAllocStringLen
SysFreeString
VariantClear

comctl32

ImageList_EndDrag
ImageList_DragEnter
ImageList_SetBkColor
ImageList_GetImageCount
ord8
ImageList_DragLeave
ImageList_AddMasked
ImageList_BeginDrag

winmm

mciSendCommandA
mciGetErrorStringA
mciSendStringA
PlaySoundA

wininet

InternetAutodialHangup
InternetDial
InternetGetConnectedState

wsock32

ntohs
recv
inet_addr
getsockname
WSAAsyncSelect
bind
connect
htons
socket
closesocket
listen
ioctlsocket
getpeername
shutdown
WSAGetLastError
accept
gethostbyname
send
WSASetLastError

oledlg

ord4

avifil32

AVIStreamGetFrame
AVIStreamRelease
AVIStreamOpenFromFileA
AVIFileInit
AVIStreamGetFrameClose
AVIStreamGetFrameOpen
AVIFileExit

msvcrt

_itoa
__setusermatherr
wcslen
vsprintf
fseek
_open
strncpy
isalnum
_controlfp
free
gmtime
atoi
__RTtypeid
fgets
_close
isalpha
rand
_mbschr
_exit
_CIasin
time
??1type_info@@UAE@XZ
_purecall
_ftol
__getmainargs
strncat
fopen
_mbctolower
qsort
_setjmp3
_mbctoupper
__dllonexit
__set_app_type
_mbscmp
fclose
_setmbcp
srand
_XcptFilter
ctime
_mbsinc
wcscpy
fprintf
_lseek
_ftime
_onexit
_chdrive
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_chdir
??8type_info@@QBEHABV0@@Z
_CIacos
clock
malloc
_endthread
sprintf
__p__fmode
_strdup
__CxxFrameHandler
memmove
floor
_fstat
_adjust_fdiv
_acmdln
longjmp
ftell
_CxxThrowException
_CIpow
atof
?terminate@@YAXXZ
atol
localtime
__RTDynamicCast
_except_handler3
_beginthread
__p__commode
exit
_initterm
isdigit

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc9f71214dd839af6c48243d7e8aa12a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

winmm

wininet

wsock32

oledlg

avifil32

msvcrt

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 63KB - Virtual size: 104KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 63KB - Virtual size: 104KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 2KB - Virtual size: 2KB