07192339a2d0c72185e5cefb203379ed587202466f3fb0b8dc97c2196ef8fd8e

Sharing

Copy URL

Twitter E-mail

General

Target

07192339a2d0c72185e5cefb203379ed587202466f3fb0b8dc97c2196ef8fd8e
Size

216KB
MD5

406653aa47f49d838f641d7962d62d6d
SHA1

c60109876f06e50a9577d4e0aaa0ebab4367f8fb
SHA256

07192339a2d0c72185e5cefb203379ed587202466f3fb0b8dc97c2196ef8fd8e
SHA512

6ddbd5027c94b9733566d9046727e12b4f27ef912b2c4c7c1d6a66809c934b1faf12d1ba8c0846f4160e0fe4c7fa28cb45df5286d068807ce39c8cb80bbd8d80
SSDEEP

6144:f6a+2gxfG6n6nAmGmV2tAwWUbVFCsFaRAKeC:f5+2k3eAmFTiCssRAj

Score

N/A

Malware Config

Signatures

Files

07192339a2d0c72185e5cefb203379ed587202466f3fb0b8dc97c2196ef8fd8e
.exe windows x86

c45575300b038be5ac6ca003d53c30b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
CreateMutexW
GlobalGetAtomNameW
DosDateTimeToFileTime
IsBadReadPtr
GetSystemTime
FileTimeToSystemTime
GetSystemDefaultLCID
MultiByteToWideChar
lstrcmpA
WaitForMultipleObjects
CreateNamedPipeA
AddAtomA
GetLogicalDriveStringsA
GetVersion
LoadLibraryA
SetErrorMode
lstrlenW
ReplaceFileW
GetUserDefaultLCID
lstrcpy
GetProcAddress
EnumTimeFormatsW
GlobalFindAtomA
SuspendThread
GetDiskFreeSpaceA
GetCurrentDirectoryW
FatalAppExitA
IsDebuggerPresent
GetModuleHandleA
GetTimeFormatW
GetFileAttributesW
BeginUpdateResourceW
lstrcpyA
DisconnectNamedPipe
lstrlenA
CreateSemaphoreA
lstrcmpi
GetExitCodeProcess
lstrcpyn
GetFullPathNameW

user32

CheckMenuRadioItem
EnumDesktopsW
SetCursorPos
PostMessageA
InsertMenuW
SetDlgItemInt
MessageBeep
AnimateWindow
GetActiveWindow
PeekMessageW
UpdateLayeredWindow
IsWindow
EmptyClipboard
SetDlgItemTextW
GetDlgItemTextA
LoadImageW
CopyImage
PeekMessageA
GetSubMenu
AppendMenuA
DefWindowProcW
GetWindowTextW
EnumDesktopsW
GetMenuItemInfoW
GetClassLongA
LoadMenuIndirectA
ClientToScreen
AppendMenuW
EnumDesktopsA
CascadeWindows
DestroyWindow
CreatePopupMenu
MonitorFromRect
ArrangeIconicWindows
OffsetRect
DialogBoxParamA
CreateDesktopA
GetDlgItemInt
InvalidateRect
EndDialog
GetCaretPos
InsertMenuA
EnumClipboardFormats
CreateIcon
SendDlgItemMessageW
GetWindowTextLengthA
LoadMenuW
GetScrollPos

gdi32

Ellipse
GetFontData
SetAbortProc
GetLayout
AddFontResourceW
PolyPolygon
PolyPolyline
SetBitmapDimensionEx
CreateDCA
GetTextFaceW
GetCharABCWidthsFloatW
CreateFontIndirectExA
SetBoundsRect
GetTextAlign
ScaleWindowExtEx

advapi32

RegDeleteValueA
RegQueryValueA
RegSetValueW
RegReplaceKeyW
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyExW
RegQueryValueW

shell32

SHCreateDirectoryExA
StrStrA
DuplicateIcon
SHBrowseForFolder

comdlg32

ReplaceTextW
ChooseFontW
ReplaceTextA
PrintDlgW
FindTextW
PageSetupDlgA
PrintDlgA
LoadAlterBitmap
PrintDlgExA

ole32

CoGetInstanceFromIStorage
BindMoniker
CoCreateInstance
CoUninitialize
OleCreateEx
CoInitializeEx
CreateFileMoniker
CoFreeLibrary

oleaut32

VarI2FromCy
VarCyFromI2
VarCyCmp
VarUI4FromR4
VarUI8FromUI4

version

GetFileVersionInfoSizeW
VerFindFileW
VerInstallFileW

wininet

InternetCanonicalizeUrlA
HttpSendRequestExW
InternetWriteFileExA
FindCloseUrlCache
FtpFindFirstFileW
GopherFindFirstFileA
GopherFindFirstFileW
InternetGetPerSiteCookieDecisionW
FindFirstUrlCacheEntryA
FtpCommandA
FindNextUrlCacheEntryW
InternetSetDialStateA
InternetCreateUrlA
InternetTimeFromSystemTime
FindNextUrlCacheContainerA

winspool.drv

SetPrinterDataW
AddPrinterW

oledlg

OleUIConvertA
OleUIBusyA
OleUIEditLinksW
OleUICanConvertOrActivateAs
OleUIUpdateLinksW
OleUIAddVerbMenuW
OleUIInsertObjectA
OleUIAddVerbMenuA
OleUIBusyW

sqlunirl

_FindFirstFile_@8
_BeginUpdateResource_@8
_GetKeyboardLayoutName_@4
_GetTimeFormat_@24
_GetUserObjectInformation_@20
_RemoveDirectory_@4
_OpenFile_@12

wsock32

accept
WSAAsyncGetServByName
ioctlsocket
getsockname
WSASetBlockingHook
AcceptEx
WSAAsyncGetServByPort
getprotobynumber
WSAStartup
select
gethostbyaddr

crypt32

CertDeleteCTLFromStore
CertRDNValueToStrA
CryptSIPRemoveProvider
CryptVerifyMessageHash
CryptVerifySignatureU
CryptGetOIDFunctionValue
RegSetValueExU

Sections

.rdata
Size: 1024B - Virtual size: 44KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 28KB

IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 14KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c45575300b038be5ac6ca003d53c30b1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comdlg32

ole32

oleaut32

version

wininet

winspool.drv

oledlg

sqlunirl

wsock32

crypt32

Sections

.rdata Size: 1024B - Virtual size: 44KB

.rdata Size: 1KB - Virtual size: 28KB

.rdata Size: 1KB - Virtual size: 6KB

.edata Size: 16KB - Virtual size: 15KB

.rdata Size: 6KB - Virtual size: 5KB

.edata Size: 1024B - Virtual size: 3KB

.rdata Size: 1024B - Virtual size: 14KB

.rdata Size: 1KB - Virtual size: 2KB

.edata Size: 1024B - Virtual size: 5KB

.data Size: 10KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 40KB

.rsrc Size: 171KB - Virtual size: 171KB

.reloc Size: 1024B - Virtual size: 4KB

.rdata
Size: 1024B - Virtual size: 44KB

.rdata
Size: 1KB - Virtual size: 28KB

.rdata
Size: 1KB - Virtual size: 6KB

.edata
Size: 16KB - Virtual size: 15KB

.rdata
Size: 6KB - Virtual size: 5KB

.edata
Size: 1024B - Virtual size: 3KB

.rdata
Size: 1024B - Virtual size: 14KB

.rdata
Size: 1KB - Virtual size: 2KB

.edata
Size: 1024B - Virtual size: 5KB

.data
Size: 10KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 40KB

.rsrc
Size: 171KB - Virtual size: 171KB

.reloc
Size: 1024B - Virtual size: 4KB