Static task: static1
Behavioral task: behavioral1
  Sample: 5beb5b478c4371919c6b0d338118a4a8bb11ec38858ce1ea9ee6606f8c455b9a.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 5beb5b478c4371919c6b0d338118a4a8bb11ec38858ce1ea9ee6606f8c455b9a.exe
  Resource: win10v2004-20220812-en
General
Target: 5beb5b478c4371919c6b0d338118a4a8bb11ec38858ce1ea9ee6606f8c455b9a
Size: 852KB
MD5: 4c5d897ff6ce79fe270bcc6ad8652bc1
SHA1: 2fa409fb44bde86d2c9426be5ba8f322b56271c0
SHA256: 5beb5b478c4371919c6b0d338118a4a8bb11ec38858ce1ea9ee6606f8c455b9a
SHA512: 20f45a37e5b587110efd47b2dc9b5a4b39947bbc26f2288d4972583b67af854a080326a5d90984d88771533efde6aeee0c72d5ebf7dc48cc8522cb0cff3eed18
SSDEEP: 12288:I9SVINXejXOIOaoav+Xvn/Oa44+/N4H1mYy48GgmVSj7bP7iuz6sTLSCbbVNqF5:aNTIO0GXPGa4jT9jGP6bTqF5
Malware Config
Signatures
Files
5beb5b478c4371919c6b0d338118a4a8bb11ec38858ce1ea9ee6606f8c455b9a.exe windows x86
fef9dd808cb97af0c96970b350cb185e
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4: UuidFromStringW
version: GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
gdiplus: GdipDeleteBrush, GdipDeleteGraphics, GdipCreateFontFamilyFromName, GdipDeleteFontFamily, GdipDeleteFont, GdipCreateSolidFill, GdipCreateFromHDC, GdipSetTextRenderingHint,
  GdipDrawString, GdipCreateFont, GdipAlloc, GdipCloneBrush, GdiplusShutdown, GdiplusStartup, GdipSetSmoothingMode, GdipFillClosedCurve2I, GdipFree
nvexpbar: ord7, g_sEBI, CloseThemeData, OpenThemeData, DrawThemeParentBackground, IsThemeBackgroundPartiallyTransparent, DrawThemeText, GetThemeBackgroundContentRect,
  DrawThemeBackground, ord10, ord11, ord9, IsThemeActive, ord2, ord1, ord8
kernel32: FileTimeToLocalFileTime, LocalFileTimeToFileTime, GetPrivateProfileIntW, WritePrivateProfileStringW, GetPrivateProfileStringW, GetCurrentDirectoryW, GetStartupInfoW, RtlUnwind,
  IsBadReadPtr, ExitProcess, HeapReAlloc, GetSystemTimeAsFileTime, TerminateProcess, HeapSize, VirtualProtect, VirtualAlloc,
  GetSystemInfo, VirtualQuery, GetStdHandle, GetModuleFileNameA, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW,
  GetEnvironmentStringsW, GetCommandLineA, GetCommandLineW, SetHandleCount, GetFileType, GetStartupInfoA, SetErrorMode, HeapCreate,
  VirtualFree, IsBadWritePtr, SetUnhandledExceptionFilter, QueryPerformanceCounter, GetCurrentProcessId, GetTimeFormatA, GetDateFormatA, GetTimeZoneInformation,
  GetOEMCP, GetCPInfo, IsBadCodePtr, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, SetStdHandle,
  CompareStringA, CompareStringW, SetEnvironmentVariableA, SystemTimeToFileTime, FileTimeToSystemTime, GlobalFlags, TlsFree, LocalReAlloc,
  TlsSetValue, TlsAlloc, TlsGetValue, GlobalHandle, GlobalReAlloc, LocalAlloc, GetTempPathW, GetProfileIntW,
  SearchPathW, GetTickCount, GetCurrentThread, lstrcmpA, lstrcmpiA, ConvertDefaultLocale, EnumResourceLanguagesW, GetDiskFreeSpaceW,
  GetTempFileNameW, GetFileTime, SetFileTime, GetShortPathNameW, GetFullPathNameW, GetVolumeInformationW, DuplicateHandle, GetFileSize,
  RaiseException, InitializeCriticalSection, DeleteCriticalSection, GetThreadLocale, GetLastError, lstrcpyW, GetCurrentThreadId, InterlockedExchange,
  SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, GetStringTypeExW,
  DeleteFileW, MoveFileW, GetVersion, GlobalGetAtomNameW, SetLastError, GlobalFree, GlobalAlloc, GlobalLock,
  GlobalUnlock, FreeResource, GlobalAddAtomW, GlobalFindAtomW, GlobalDeleteAtom, GetModuleHandleA, lstrcmpW, GetVersionExA,
  LoadLibraryA, FindResourceExW, OpenMutexW, GetSystemDirectoryW, CreateMutexW, ReleaseMutex, FormatMessageW, LocalFree,
  CreateFileW, CloseHandle, GetLocaleInfoW, FindFirstFileW, FindClose, GetACP, GetFileAttributesW, WideCharToMultiByte,
  lstrlenA, GetProcAddress, lstrcatW, GetModuleHandleW, LoadLibraryExW, MultiByteToWideChar, GetModuleFileNameW, SizeofResource,
  LoadLibraryW, FreeLibrary, MulDiv, FindResourceW, LoadResource, LockResource, InterlockedDecrement, InterlockedIncrement,
  lstrcpynW, lstrcmpiW, HeapAlloc, GetProcessHeap, HeapFree, GetCurrentProcess, FlushInstructionCache, LeaveCriticalSection,
  EnterCriticalSection, lstrlenW, GetVersionExW, GetLocaleInfoA, HeapDestroy
user32: TranslateMessage, GetMessageW, MapDialogRect, SetWindowContextHelpId, RegisterClipboardFormatW, ShowOwnedPopups, DestroyCursor, LockWindowUpdate,
  CopyAcceleratorTableW, InvalidateRgn, GetNextDlgGroupItem, MessageBeep, PostThreadMessageW, CreateMenu, GetTabbedTextExtentA, EndDialog,
  GrayStringW, DrawTextExW, TabbedTextOutW, GetMenuStringW, InsertMenuW, SetMenuItemBitmaps, ModifyMenuW, GetMenuState,
  EnableMenuItem, CheckMenuItem, GetMenuCheckMarkDimensions, SetDlgItemTextW, GetCapture, GetClassInfoExW, GetClassNameW, SetPropW,
  GetPropW, RemovePropW, SendDlgItemMessageW, SendDlgItemMessageA, GetForegroundWindow, GetLastActivePopup, SetActiveWindow, DispatchMessageW,
  GetTopWindow, GetMessageTime, GetMessagePos, PeekMessageW, MapWindowPoints, ScrollWindow, MessageBoxW, TrackPopupMenu,
  SetScrollRange, GetScrollRange, SetScrollPos, GetScrollPos, ShowScrollBar, GetMenu, AdjustWindowRectEx, EqualRect,
  DeferWindowPos, GetScrollInfo, ValidateRect, GetClassInfoW, SetWindowPlacement, IntersectRect, SystemParametersInfoA, IsIconic,
  GetWindowPlacement, GetWindowDC, CallWindowProcW, LoadAcceleratorsW, EndDeferWindowPos, GetClassLongW, GetSystemMetrics, SetParent,
  GetWindow, GetDCEx, GetSystemMenu, AppendMenuW, SystemParametersInfoW, DrawIcon, LoadImageW, FindWindowW,
  SetForegroundWindow, EnumDisplaySettingsW, SetWindowTextW, GetCursorPos, GetKeyState, OffsetRect, InflateRect, FillRect,
  DestroyMenu, LoadMenuIndirectW, GetMenuItemInfoW, DeleteMenu, WindowFromPoint, ScreenToClient, RegisterWindowMessageW, GetFocus,
  SetFocus, EnumChildWindows, ReleaseCapture, wsprintfW, SetCapture, SetMenu, LoadMenuW, RemoveMenu,
  GetSubMenu, GetMenuItemID, GetMenuItemCount, SetRectEmpty, GetDesktopWindow, CopyRect, GetWindowTextLengthW, GetWindowTextW,
  RegisterClassW, DefWindowProcW, BeginPaint, EndPaint, IsRectEmpty, GetDlgCtrlID, InvalidateRect, LoadBitmapW,
  GetWindowLongW, CreateWindowExW, GetParent, DrawTextW, TrackMouseEvent, PostMessageW, SetCursor, DestroyIcon,
  CreateDialogParamW, WinHelpW, GetDC, ReleaseDC, GetDialogBaseUnits, PostQuitMessage, IsZoomed, CharUpperW,
  UnpackDDElParam, SetScrollInfo, ReuseDDElParam, IsDialogMessageW, MoveWindow, SetWindowLongW, CharNextW, SetRect,
  DestroyWindow, IsWindowEnabled, LoadIconW, DrawIconEx, UnhookWindowsHookEx, LoadCursorW, GetSysColorBrush, RegisterClassExW,
  GetSysColor, SetWindowsHookExW, IsWindow, CallNextHookEx, ClientToScreen, KillTimer, SetTimer, InsertMenuItemW,
  CreatePopupMenu, BringWindowToTop, TranslateAcceleratorW, GetActiveWindow, CreateDialogIndirectParamW, BeginDeferWindowPos, GetNextDlgTabItem, RedrawWindow,
  IsWindowVisible, SetWindowRgn, DrawFrameControl, PtInRect, ShowWindow, UpdateWindow, GetClientRect, SendMessageTimeoutW,
  GetDlgItem, SetWindowPos, UnregisterClassW, EnableWindow, GetWindowRect, SendMessageW, IsChild
gdi32: SetBkColor, SetMapMode, GetMapMode, CreateBitmap, CreateDCW, SetBrushOrgEx, GetTextCharset, GetBkColor,
  SaveDC, RestoreDC, SetPolyFillMode, SetROP2, SetStretchBltMode, ExcludeClipRect, IntersectClipRect, LineTo,
  MoveToEx, SetTextAlign, SelectClipRgn, GetViewportExtEx, GetWindowExtEx, GetPixel, PtVisible, RectVisible,
  TextOutW, Escape, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowOrgEx, SetWindowExtEx, PatBlt,
  GetCurrentPositionEx, ExtSelectClipRgn, CreatePatternBrush, CreatePen, CreateRectRgnIndirect, SetRectRgn, StretchDIBits, GetCharWidthW,
  StartPage, EndPage, SetAbortProc, AbortDoc, CreateEllipticRgn, LPtoDP, Ellipse, GetViewportOrgEx,
  Rectangle, GetNearestColor, GetBkMode, GetPolyFillMode, GetROP2, GetStretchBltMode, GetTextAlign, GetTextExtentPoint32A,
  GetWindowOrgEx, SetDIBitsToDevice, CreateFontW, SetViewportOrgEx, GetTextColor, EnumFontFamiliesW, ExtTextOutW, CreateDIBSection,
  CreateCompatibleBitmap, OffsetWindowOrgEx, DeleteDC, GetClipBox, BitBlt, CreateCompatibleDC, SetBkMode, SetTextColor,
  GetTextFaceW, GetTextMetricsW, GetTextExtentPointW, DeleteObject, EndDoc, StartDocW, DPtoLP, GetDeviceCaps,
  FrameRgn, GetRgnBox, CombineRgn, CreateRoundRectRgn, CreatePolygonRgn, CreateRectRgn, GetObjectW, CreateFontIndirectW,
  CreateSolidBrush, GetTextExtentPoint32W, SelectObject, ScaleWindowExtEx, GetStockObject
msimg32: AlphaBlend
comdlg32: GetFileTitleW, CommDlgExtendedError, GetSaveFileNameW, GetOpenFileNameW, PrintDlgW
winspool.drv: ClosePrinter, DocumentPropertiesW, GetJobW, OpenPrinterW
advapi32: RegQueryValueW, RegDeleteValueW, RegCloseKey, RegCreateKeyExW, RegOpenKeyExW, RegSetValueExW, RegQueryInfoKeyW, RegEnumKeyExW,
  RegQueryValueExW, RegEnumValueW, RegQueryValueExA, RegOpenKeyExA, RegSetValueW, RegOpenKeyW, SetFileSecurityW, RegCreateKeyW,
  RegDeleteKeyW, RegEnumKeyW, GetFileSecurityW
shell32: SHGetFileInfoW, DragQueryFileW, DragFinish, ShellExecuteExW, ShellExecuteW, ExtractAssociatedIconW, ExtractIconW
comctl32: ImageList_ReplaceIcon, ImageList_Add, ImageList_Create, ord17, ImageList_Destroy, ImageList_SetBkColor, ImageList_Draw, ImageList_GetImageInfo
shlwapi: PathFindExtensionW, SHSetValueW, PathStripToRootW, PathIsUNCW, PathFindFileNameW, SHGetValueW
oledlg: OleUIBusyW
ole32: StringFromGUID2, CLSIDFromString, CoRegisterClassObject, CoRevokeClassObject, CoTaskMemRealloc, CoTaskMemAlloc, CoGetMalloc, CoCreateInstance,
  OleDestroyMenuDescriptor, OleCreateMenuDescriptor, IsAccelerator, OleTranslateAccelerator, CoRegisterMessageFilter, OleFlushClipboard, OleIsCurrentClipboard, CreateILockBytesOnHGlobal,
  StgOpenStorageOnILockBytes, StgCreateDocfileOnILockBytes, CoGetClassObject, OleInitialize, CoFreeUnusedLibraries, OleUninitialize, CLSIDFromProgID, CoTaskMemFree
oleaut32: LoadRegTypeLi, SysStringLen, SysAllocStringLen, SysAllocString, VarUI4FromStr, SysFreeString, LoadTypeLi, UnRegisterTypeLi,
  RegisterTypeLi, VariantClear, VariantChangeType, VariantInit, VariantCopy, SafeArrayDestroy, SystemTimeToVariantTime, OleCreateFontIndirect
Sections
.text Size: 432KB - Virtual size: 430KB
  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata Size: 120KB - Virtual size: 116KB
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 29KB
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 204KB - Virtual size: 203KB
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.irdata Size: 76KB - Virtual size: 76KB
  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE