1d8029f0ee743c97c1e27e46f59535f60488018c28885927e065cd870a2800ec

Sharing

Copy URL Twitter E-mail

General

Target

1d8029f0ee743c97c1e27e46f59535f60488018c28885927e065cd870a2800ec
Size

864KB
MD5

6008b6899e736141a6c8f4d21938aae0
SHA1

1ecb0bb0f71500b4c369491353de586f25ba47da
SHA256

1d8029f0ee743c97c1e27e46f59535f60488018c28885927e065cd870a2800ec
SHA512

37280abf820531f6037ce93b1bb8768e69bdf7b7206f7bf0ae0b8a77eb33c63b210eabc21fdc6078ea46a91b040a774810e6f2453505de74123d3b43eb26d19b
SSDEEP

24576:Uhjwq4K3IyzuDwNzBnL0wA7fPEWvJsRJ3zeP6R5dtCzlGbM:UedK3IyzuDwNp/A7fsVeeS

Score

N/A

Malware Config

Signatures

Files

1d8029f0ee743c97c1e27e46f59535f60488018c28885927e065cd870a2800ec
.exe windows x86

eac1f6a1c9588be9ac3d22a21f2dc566

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
IsValidCodePage
GetOEMCP
SetStdHandle
GlobalUnlock
DuplicateHandle
HeapReAlloc
GetCPInfo
GetExitCodeThread
GetVersion
EnterCriticalSection
LoadLibraryW
GetProcAddress
GetStringTypeW
SetConsoleCtrlHandler
LCMapStringW
GetFileInformationByHandle
TlsGetValue
FindNextFileW
ResetEvent
WriteConsoleW
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
CancelIo
SetErrorMode
GetSystemDirectoryW
SetEndOfFile
CopyFileW
InterlockedDecrement
GlobalSize
SetLastError
HeapQueryInformation
LoadLibraryA
GetLastError
TerminateProcess
GetVersionExW
LockResource
TlsAlloc
GetProcessAffinityMask
CreateFileW
OutputDebugStringW
GetThreadPriority
SetThreadExecutionState
GetStdHandle
GetSystemTimeAsFileTime
MoveFileExW
HeapCreate
GetModuleFileNameW
SetEvent
HeapAlloc
CloseHandle
SetThreadPriority
InterlockedIncrement
HeapSetInformation
FindClose
QueryPerformanceFrequency
RemoveDirectoryW
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
FreeEnvironmentStringsW
GetFileAttributesW
ReadDirectoryChangesW
LeaveCriticalSection
FindFirstFileW
VirtualAlloc
InterlockedExchange
SizeofResource
GlobalAlloc
GetConsoleMode
lstrlenW
ReadFile
LocalFileTimeToFileTime
SetFilePointer
QueryPerformanceCounter
GetEnvironmentStringsW
TlsFree
WriteFile
GetFileTime
FileTimeToLocalFileTime
GetTickCount
VirtualFree
lstrlenA
GetStartupInfoA
GetModuleHandleA
LocalFree
RaiseException
GetCurrentProcessId
CreateMutexW
VirtualProtect
GetModuleHandleW
FindResourceW
CreateThread
IsProcessorFeaturePresent
GetConsoleCP
FileTimeToSystemTime
ExitThread
FlushInstructionCache
WaitForMultipleObjects
GetProcessHeap
GetCurrentThreadId
SleepEx
GetSystemInfo
MulDiv
SystemTimeToFileTime
CreateEventW
TlsSetValue
GetFileSize
Sleep
LocalAlloc
HeapDestroy
HeapSize
UnhandledExceptionFilter
DeleteFileW
SetHandleCount
FindResourceExW
GetCurrentThread
GetCurrentProcess
VirtualQuery
GetFileType
ExitProcess
GetFileAttributesExW
GlobalFree
InterlockedCompareExchange
FreeLibrary
WaitForSingleObject
MultiByteToWideChar
GetOverlappedResult
FlushFileBuffers
GetACP
GetCommandLineW
SetUnhandledExceptionFilter
RtlUnwind
GlobalLock
GetStartupInfoW
ResumeThread
HeapFree

user32

EnableWindow
GetMessageW
CloseClipboard
MessageBeep
GetMessagePos
ScreenToClient
DrawEdge
UnregisterClassW
DrawIconEx
FillRect
IntersectRect
GetWindowRect
CopyRect
UnhookWindowsHookEx
DrawTextW
SetWindowTextW
EnumChildWindows
TranslateAcceleratorW
GetDlgCtrlID
DestroyMenu
GetDlgItem
LoadAcceleratorsW
MapDialogRect
GetMenu
GetParent
CreateWindowExW
GetMenuItemCount
SetTimer
EndDeferWindowPos
RegisterShellHookWindow
AdjustWindowRect
RegisterClassW
IsClipboardFormatAvailable
IsCharAlphaW
GetSystemMetrics
DeregisterShellHookWindow
SendDlgItemMessageW
SetMenuItemInfoW
RegisterClipboardFormatW
GetClientRect
GetWindowThreadProcessId
MonitorFromRect
EmptyClipboard
SetClipboardData
GetMenuItemInfoW
DestroyIcon
PostMessageW
KillTimer
SetWindowsHookExW
UnregisterClassA
IsWindowEnabled
GetMonitorInfoW
RegisterWindowMessageW
CreatePopupMenu
GetWindowDC
GetWindowTextW
OffsetRect
IsChild
GetComboBoxInfo
ShowWindow
SetForegroundWindow
TrackPopupMenu
DefWindowProcW
UnregisterHotKey
GetGuiResources
SetWindowLongW
GetClassNameW
CheckMenuRadioItem
LoadCursorW
IsDialogMessageW
MapWindowPoints
EndDialog
MsgWaitForMultipleObjects
DialogBoxParamW
CharLowerW
EndPaint
DispatchMessageW
SetFocus
GetWindowLongW
LoadIconW
MoveWindow
SetLayeredWindowAttributes
SetCursor
SetCapture
SetActiveWindow
CharUpperW
EnumWindows
GetActiveWindow
GetFocus
GetKeyState
DeferWindowPos
MessageBoxW
DestroyAcceleratorTable
RegisterHotKey
IsIconic
TrackPopupMenuEx
CallNextHookEx
GetScrollInfo
RedrawWindow
SendMessageW
TranslateMessage
GetWindowPlacement
MapVirtualKeyW
GetDC
LoadImageW
GetClassInfoExW
OpenClipboard
CreateDialogParamW
GetSysColor
InvalidateRect
wsprintfW
ReleaseDC
GetClipboardData
EnumThreadWindows
DestroyWindow
CallWindowProcW
UpdateWindow
AdjustWindowRectEx
AppendMenuW
SetWindowPos
SetDlgItemTextW
BeginDeferWindowPos
IsWindowVisible
ClientToScreen
PeekMessageW
AllowSetForegroundWindow
MonitorFromPoint
BeginPaint
WindowFromPoint
PostQuitMessage
RegisterClassExW

gdi32

SetBkColor
GetTextExtentPoint32W
SetDCBrushColor
GetStockObject
SetWindowOrgEx
GetDeviceCaps
CreateFontIndirectW
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SelectObject
DeleteDC
SetTextColor
SetBkMode
GetObjectW
ExtTextOutW
OffsetWindowOrgEx

advapi32

RegDeleteValueW
CryptDestroyHash
CryptImportKey
CryptVerifySignatureW
CryptReleaseContext
RegOpenKeyW
RegCloseKey
CryptGetHashParam
CryptDestroyKey
RegQueryInfoKeyW
CryptHashData
CryptCreateHash
RegCreateKeyExW
RegEnumKeyExW
CryptAcquireContextW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegEnumValueW

ole32

CreateStreamOnHGlobal
OleSetClipboard
OleGetClipboard
CoCreateInstance
ReleaseStgMedium
OleUninitialize
CoInitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
CoUninitialize

shlwapi

StrCmpLogicalW
SHAutoComplete
ColorHLSToRGB
SHDeleteKeyW

crypt32

CertVerifyRevocation
CertCloseStore
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertFindCertificateInStore
CertOpenSystemStoreW
CertVerifyTimeValidity
CertFreeCertificateContext

iphlpapi

AddIPAddress

secur32

DeleteSecurityContext
FreeCredentialsHandle
QueryContextAttributesW
EncryptMessage
AcquireCredentialsHandleW
DecryptMessage
FreeContextBuffer
ApplyControlToken
InitializeSecurityContextW

oledlg

ord8

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.teg3
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mwer3
Size: 683KB - Virtual size: 682KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eac1f6a1c9588be9ac3d22a21f2dc566

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

crypt32

iphlpapi

secur32

oledlg

Sections

.text Size: 63KB - Virtual size: 62KB

.teg3 Size: 70KB - Virtual size: 70KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 25KB - Virtual size: 72KB

.mwer3 Size: 683KB - Virtual size: 682KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 63KB - Virtual size: 62KB

.teg3
Size: 70KB - Virtual size: 70KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 25KB - Virtual size: 72KB

.mwer3
Size: 683KB - Virtual size: 682KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB