55ab93d1be6b741a132490a2bcd47911dd80d589a7647e4e525eeed605ac2eb9

Sharing

Copy URL Twitter E-mail

General

Target

55ab93d1be6b741a132490a2bcd47911dd80d589a7647e4e525eeed605ac2eb9
Size

391KB
MD5

026ffc01a5f9227684b0be0e0dcdcf70
SHA1

cce42d08cb02d23b9770bffce9c9daa46f466472
SHA256

55ab93d1be6b741a132490a2bcd47911dd80d589a7647e4e525eeed605ac2eb9
SHA512

80261abfa2f62acac13856074ef3f472f5f9c55d5908ce8b494adb26443b615372c21d9dca214e2742ee9502c4aa12ee2c22afb66e5970dc4ef53aad58051bf8
SSDEEP

6144:Ahq1qgWovA3MWLjLrpFmFZkFH0DhMDEi9QOeUwm/mpU1qyC:AAhnA3MWLjvpFmFD9i9QOer0cuhC

Score

N/A

Malware Config

Signatures

Files

55ab93d1be6b741a132490a2bcd47911dd80d589a7647e4e525eeed605ac2eb9
.exe windows x86

34d3d078aa8e0bc7dfb7f6170b9f8ce5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

skinui

??0Layout@ui@@QAE@XZ
?DropTargetDrop@CSkinWindow@@UAEJPAUIDataObject@@AAUtagPOINT@@@Z
?DropTargetDragOver@CSkinWindow@@UAEJAAUtagPOINT@@@Z
?DropTargetDragLeave@CSkinWindow@@UAEJXZ
?DropTargetDragEnter@CSkinWindow@@UAEJPAUIDataObject@@AAUtagPOINT@@@Z
?CreateSkinObj@CSkinCtrl@@UAEPAUISkin@@AAVCXMLElement@@PAUIQvodCallBack@@@Z
?HideChild@CSkinCtrl@@UAEXPB_W@Z
?ShowChild@CSkinCtrl@@UAEXPB_W@Z
?GetSkinObj@CSkinWindow@@UAEPAUISkin@@FF@Z
?EnableChildCtrls@CSkinCtrl@@UAEXH@Z
?Update@CSkinCtrl@@UAEXXZ
?Paint@CSkinCtrl@@UAEXH@Z
?DragMouseUp@CSkinCtrl@@UAEHFF@Z
?DragMouseMove@CSkinCtrl@@UAEHFF@Z
?DragMouseOut@CSkinCtrl@@UAEHXZ
?DragMouseIn@CSkinCtrl@@UAEHFF@Z
?GetTips@CSkinCtrl@@UAE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?OnCommandRange@CSkinWindow@@UAEJGGPAUHWND__@@AAH@Z
?OnCommand@CSkinWindow@@UAEJIIJAAH@Z
?OnKillFocus@CSkinWindow@@UAEJIIJAAH@Z
?OnCtlColor_Static@CSkinWindow@@UAEJIIJAAH@Z
?OnCtlColor_Edit@CSkinWindow@@UAEJIIJAAH@Z
?OnRButtonUp@CSkinWindow@@UAEJIIJAAH@Z
?OnRButtonDown@CSkinWindow@@UAEJIIJAAH@Z
?OnNotifyRange@CSkinWindow@@UAEJIPAUtagNMHDR@@AAH@Z
?OnUnInitMenuPopup@CSkinWindow@@UAEJIIJAAH@Z
?OnMeasureItem@CSkinWindow@@UAEJIIJAAH@Z
?OnDrawItem@CSkinWindow@@UAEJIIJAAH@Z
?OnMenuSelect@CSkinWindow@@UAEJIIJAAH@Z
?OnInitMenuPopup@CSkinWindow@@UAEJIIJAAH@Z
?OnKeyUp@CSkinWindow@@UAEJIIJAAH@Z
?OnKeyDown@CSkinWindow@@UAEJIIJAAH@Z
?OnSysKeyUp@CSkinWindow@@UAEJIIJAAH@Z
?OnMouseWheel@CSkinWindow@@UAEJIIJAAH@Z
?OnLButtonDblClk@CSkinWindow@@UAEJIIJAAH@Z
?OnMouseLeave@CSkinWindow@@UAEJIIJAAH@Z
?OnLButtonUp@CSkinWindow@@UAEJIIJAAH@Z
?OnLButtonDown@CSkinWindow@@UAEJIIJAAH@Z
?OnMouseHover@CSkinWindow@@UAEJIIJAAH@Z
?OnMouseMove@CSkinWindow@@UAEJIIJAAH@Z
?OnExitSizeMove@CSkinWindow@@UAEJIIJAAH@Z
?OnEnterSizeMove@CSkinWindow@@UAEJIIJAAH@Z
?Init@Layout@ui@@QAEXAAVCXMLElement@@@Z
?OnSize@CSkinWindow@@UAEJIIJAAH@Z
?OnEraseBkgnd@CSkinWindow@@UAEJIIJAAH@Z
?StartWindowProc@?$CWindowImplBaseT@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@SGJPAUHWND__@@IIJ@Z
??0CSkinWindow@@QAE@XZ
??1CSkinWindow@@UAE@XZ
?OnClose@CSkinWindow@@UAEJIIJAAH@Z
_InitSkinUI@8
?ResetSkin@CSkinWindow@@UAEHPB_W@Z
?FindChild@CSkinCtrl@@UAEPAUISkin@@PB_WH@Z
?SetChildText@CSkinCtrl@@UAEJPB_W0@Z
?Clear_@CSkinWindow@@UAEXXZ
?GetTipsID@CSkinCtrl@@UAE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?IsShowRectContain@CSkinCtrl@@UAEHFF@Z
?DragCheckData@CSkinCtrl@@UAEHPAUIDataObject@@@Z
?OnDrag@CSkinCtrl@@UAEJIJJ@Z
?OnKey@CSkinCtrl@@UAEHG@Z
?OnWheel@CSkinWindow@@UAEHF@Z
?OnDblClick@CSkinCtrl@@UAEHFF@Z
?OnMouseMove@CSkinCtrl@@UAEHFF@Z
?OnRButtonDown@CSkinCtrl@@UAEHFF@Z
?OnRButtonUp@CSkinCtrl@@UAEHFF@Z
?OnMouseDrag@CSkinCtrl@@UAEHFF@Z
?OnMouseUp@CSkinCtrl@@UAEHFF@Z
?OnMouseDown@CSkinCtrl@@UAEHFF@Z
?OnMouseMoveOut@CSkinCtrl@@UAEHXZ
?OnMouseMoveIn@CSkinCtrl@@UAEHFF@Z
?OnTimer@CSkinWindow@@UAEHXZ
?IsSkinWindow@CSkinWindow@@UAEHXZ
?IsEnable@CSkinCtrl@@UAEHXZ
?IsVisible@CSkinCtrl@@UAEHXZ
?GetCtrlRect@CSkinCtrl@@UAEHPB_WAAVRect@Gdiplus@@@Z
?CheckCursor@CSkinWindow@@UAEHFF@Z
?GetID@CSkinCtrl@@UAE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?DoLayout@Layout@ui@@QAEXHH@Z
?ClearAll@CSubWndHost@@QAEXXZ
?DestroyWindow@?$CWindowImplBaseT@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@QAEHXZ
_UnInitSkinUI@0
?SetChildState@CSkinCtrl@@UAEXPB_WW4skin_state@@@Z
??ACSubWndHost@@QAEPAVCSkinWindow@@PB_W@Z
?OnPaint@CSkinWindow@@UAEXXZ
?ProcessWindowMessage@CSkinWindow@@UAEHPAUHWND__@@IIJAAJK@Z
?GetWindowProc@?$CWindowImplBaseT@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@UAEP6GJPAUHWND__@@IIJ@ZXZ
?OnFinalMessage@?$CWindowImplBaseT@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@UAEXPAUHWND__@@@Z
?GetRect@Layout@ui@@QAEAAVRect@Gdiplus@@XZ
?EventNotify_@CSkinWindow@@UAEJIJJ@Z
?SetLangResourceHandle@CUICmdHost@@QAEXPAUHINSTANCE__@@@Z
?AddToolTips@CUICmdHost@@QAEXPB_WI@Z
?AddToolTips@CUICmdHost@@QAEXPB_W0@Z
?Instance@CUICmdHost@@SAAAV1@XZ
?OnSizing@CSkinWindow@@UAEJIIJAAH@Z
?OnTimer@CSkinWindow@@UAEJIIJAAH@Z
?GetSkinType@CSkinCtrl@@UAE?AW4skin_type@@XZ
?Method_@CSkinCtrl@@UAEJPB_WJJ@Z
?Create@CSkinWindow@@UAEPAUHWND__@@PAU2@V_U_RECT@ATL@@PB_WKKV_U_MENUorID@4@PAX@Z
?InitRFType@CSkinWindow@@UAEHAAVCXMLElement@@@Z
?ResetSkinElement@CSkinWindow@@UAEXXZ
?CheckBorder@CSkinWindow@@UAEJFF@Z
?ResizeParent@CSkinWindow@@UAEXFF@Z
?GetSkinSnaps@CSkinWindow@@UAEXXZ
?SetSkinSnaps@CSkinWindow@@UAEXXZ
?FindRestoreDate@CSkinWindow@@UAEHPB_W0@Z
?SetUseFlag@CSkinWindow@@UAEXXZ
?DoDragDrop@CSkinWindow@@UAEXPAUISkin@@PAUDragDropDataPara@drop@ui@@@Z
?DrawImg@CSkinWindow@@UAEXXZ
?ResetRegion@CSkinWindow@@UAEXXZ
?OnCreate@CSkinWindow@@UAEJIIJAAH@Z
?wc@?1??GetWndClassInfo@CSkinWindow@@SAAAU_ATL_WNDCLASSINFOW@ATL@@XZ@4U34@A
?ShutterDisplay@CSkinWindow@@UAEXHH@Z
?ShutterHidden@CSkinWindow@@UAEXH@Z
?SetState@CSkinWindow@@UAEXW4skin_state@@@Z
?Hide@CSkinCtrl@@UAEXXZ
?Show@CSkinCtrl@@UAEXXZ
?Paint@CSkinWindow@@UAEXPAVGraphics@Gdiplus@@@Z
?ReLayout@CSkinCtrl@@UAEHXZ
?Layout@CSkinWindow@@UAEHFF@Z
?ExitThread@CSkinWindow@@UAEXXZ
?Init_@CSkinWindow@@UAEHAAVCXMLElement@@PAUIQvodCallBack@@@Z

kernel32

GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointer
ReadFile
GetStartupInfoA
GetFileType
SetHandleCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
VirtualAlloc
VirtualFree
HeapCreate
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
SetLastError
QueryPerformanceCounter
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
GetModuleHandleA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsFree
GetTempPathW
GetCurrentProcessId
GetCurrentThreadId
DeleteFileW
GetModuleHandleExW
lstrcpynW
SetUnhandledExceptionFilter
CreateFileW
GetTickCount
WideCharToMultiByte
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
GetProcAddress
RaiseException
lstrlenW
LeaveCriticalSection
InitializeCriticalSection
GetModuleHandleW
LoadLibraryExW
FreeLibrary
CreateEventW
OpenEventW
CreateDirectoryW
GetModuleFileNameW
GetLastError
GetCurrentProcess
CreateThread
Sleep
CloseHandle
WaitForSingleObject
OutputDebugStringW
InterlockedDecrement
GetExitCodeThread
InterlockedIncrement
CreateProcessW
GetVersionExW
lstrcpyW
GetFileAttributesW
GetEnvironmentVariableW
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW

user32

TranslateMessage
GetClientRect
DdeInitializeW
DdeCreateStringHandleW
DdeConnect
DdeClientTransaction
DdeFreeDataHandle
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
PostQuitMessage
FindWindowW
GetParent
GetClassNameW
ShowWindow
IsIconic
SendMessageW
GetWindow
SystemParametersInfoW
GetWindowRect
GetSystemMetrics
WindowFromPoint
SetFocus
ScreenToClient
GetCursorPos
SetWindowLongW
SetParent
CharNextW
DispatchMessageW
KillTimer
GetMessageW
IsWindowVisible
IsWindow
SetWindowPos
SetTimer
PostMessageW
GetWindowTextW

gdi32

DeleteObject

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
CryptAcquireContextW
RegSetValueExW
CryptReleaseContext
CryptDestroyKey
CryptDecrypt
CryptSetKeyParam
CryptImportKey

shell32

ShellExecuteW

ole32

CoCreateInstance
OleUninitialize
CoTaskMemAlloc
OleInitialize
CoTaskMemRealloc
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

VarUI4FromStr
VariantInit
SysAllocString
VariantClear

shlwapi

PathFindFileNameW
PathFileExistsW

comctl32

ord17

gdiplus

GdiplusStartup
GdiplusShutdown

ws2_32

WSACleanup
WSAStartup

wininet

DeleteUrlCacheEntryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

netutil

NetUtil_CreateHttp
NetUtil_DestroyHttp

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34d3d078aa8e0bc7dfb7f6170b9f8ce5

Headers

DLL Characteristics

File Characteristics

Imports

skinui

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

ws2_32

wininet

version

netutil

dbghelp

Sections

.text Size: 244KB - Virtual size: 243KB

.rdata Size: 49KB - Virtual size: 49KB

.data Size: 8KB - Virtual size: 18KB

.rsrc Size: 82KB - Virtual size: 84KB

.text
Size: 244KB - Virtual size: 243KB

.rdata
Size: 49KB - Virtual size: 49KB

.data
Size: 8KB - Virtual size: 18KB

.rsrc
Size: 82KB - Virtual size: 84KB