599619e7cdc9534578582f832851da7865cb33f7456d7b5edfc90dc20478c1d6

Sharing

Copy URL Twitter E-mail

General

Target

599619e7cdc9534578582f832851da7865cb33f7456d7b5edfc90dc20478c1d6
Size

1.1MB
MD5

363d91a1d39e16de304ffa0faf19ee60
SHA1

0f9dcc93e28e827596e4d2ec5e9f020aa9cf2209
SHA256

599619e7cdc9534578582f832851da7865cb33f7456d7b5edfc90dc20478c1d6
SHA512

a37aeaf79522afaf2e66c36c45f76a8635bddb24381b3c632bfb38f68418757e5d43befc914c8f2c6a360d2ef09569764bc57e88a35de50774359cec69ee3355
SSDEEP

24576:trBjXyJawFCBP3071y8ZI6nZVb2a0e6PZJMx1Ns8Op:t1jXtP3071yhTySJMx1NsBp

Score

N/A

Malware Config

Signatures

Files

599619e7cdc9534578582f832851da7865cb33f7456d7b5edfc90dc20478c1d6
.exe windows x86

14bdfcb5b65737609b41039a0ce40cfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

netpas_core

Netpas_Clear
Netpas_GetCoreVersion
Netpas_GetDllVersion
Netpas_Get_QueryData
Netpas_Get_RedInfo
Netpas_Init
Netpas_Proc_GetCount
Netpas_Proc_GetInfo
Netpas_Proc_Kill
Netpas_Start
Netpas_Stop

advapi32

DeregisterEventSource
InitializeSecurityDescriptor
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegisterEventSourceA
ReportEventA
SetSecurityDescriptorDacl

gdi32

BitBlt
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontA
CreateFontIndirectA
CreateRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
ExtTextOutA
GetBkColor
GetDIBits
GetDeviceCaps
GetObjectA
GetPixel
GetStockObject
SelectObject
SetBkColor
SetBkMode
SetTextColor
TextOutA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FindFirstFileA
FindResourceA
FormatMessageA
FreeLibrary
FreeResource
GetCommandLineA
GetCurrentProcess
GetCurrentThreadId
GetFileType
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetVersion
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
MoveFileExA
MulDiv
MultiByteToWideChar
OutputDebugStringA
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
lstrcpynA
lstrlenA

msvcrt

_fdopen
_fstat
_lseek
_read
_write
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_beginthreadex
_cexit
_errno
_exit
_fdopen
_filbuf
_flsbuf
_iob
_isctype
_onexit
_open_osfhandle
_pctype
_setmode
_stricmp
_vsnprintf
_wfopen
abort
atexit
atoi
atol
calloc
exit
fclose
fflush
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getenv
getwc
iswctype
localeconv
localtime
malloc
memchr
memmove
mktime
pow
putwc
qsort
raise
realloc
setlocale
setvbuf
signal
sprintf
sscanf
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncat
strncpy
strstr
strtod
strtoul
strxfrm
time
towlower
towupper
ungetc
ungetwc
vfprintf
wcscoll
wcsftime
wcslen
wcsstr
wcsxfrm

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

shell32

ShellExecuteA
Shell_NotifyIconA

user32

AppendMenuA
AttachThreadInput
BeginPaint
BringWindowToTop
CallWindowProcA
CheckDlgButton
CopyRect
CreateDialogParamA
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DrawTextA
EnableWindow
EndPaint
FillRect
FindWindowA
GetClassInfoA
GetClientRect
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetFocus
GetForegroundWindow
GetMessageA
GetParent
GetProcessWindowStation
GetSysColor
GetSystemMetrics
GetUpdateRect
GetUserObjectInformationW
GetWindowDC
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
IntersectRect
InvalidateRect
IsDialogMessageA
IsRectEmpty
IsWindow
KillTimer
LoadCursorA
LoadIconA
LoadImageA
LoadStringA
MessageBoxA
MoveWindow
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExA
RegisterWindowMessageA
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetCursor
SetFocus
SetForegroundWindow
SetRect
SetRectEmpty
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMessage
UnregisterClassA
WindowFromDC

wininet

HttpQueryInfoA
InternetCanonicalizeUrlA
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
closesocket
gethostbyname
htons
inet_addr
recvfrom
select
sendto
socket

Sections

.text
Size: 646KB - Virtual size: 645KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 233KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fvjdbsm
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

14bdfcb5b65737609b41039a0ce40cfd

Headers

File Characteristics

Imports

netpas_core

advapi32

gdi32

kernel32

msvcrt

ole32

oleaut32

shell32

user32

wininet

ws2_32

Sections

.text Size: 646KB - Virtual size: 645KB

.data Size: 26KB - Virtual size: 25KB

.rdata Size: 95KB - Virtual size: 94KB

.eh_fram Size: 152KB - Virtual size: 152KB

.bss Size: - Virtual size: 13KB

.idata Size: 8KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 233KB - Virtual size: 234KB

fvjdbsm Size: - Virtual size: 4KB

.text
Size: 646KB - Virtual size: 645KB

.data
Size: 26KB - Virtual size: 25KB

.rdata
Size: 95KB - Virtual size: 94KB

.eh_fram
Size: 152KB - Virtual size: 152KB

.bss
Size: - Virtual size: 13KB

.idata
Size: 8KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 233KB - Virtual size: 234KB

fvjdbsm
Size: - Virtual size: 4KB