fe6b03630b1ac00171b4f2f1918930b1194069ef5fe88a2822bd8678e50fc208

Sharing

Copy URL Twitter E-mail

General

Target

fe6b03630b1ac00171b4f2f1918930b1194069ef5fe88a2822bd8678e50fc208
Size

945KB
MD5

07795aedf0c02a4eb7ee1263e850ab20
SHA1

d864f26fe4ce175cfd74a4d3111a31a28080a113
SHA256

fe6b03630b1ac00171b4f2f1918930b1194069ef5fe88a2822bd8678e50fc208
SHA512

fc3d6019f4ce6c09d4a714b24b7b6a57d052904d9b6a25ed78d08936316a912de65f8da74e1ff07c716ff9a8d38d2ef287698c7bffc57556eb5e0a2266dfa37b
SSDEEP

24576:KJsuOOG45L1oBBxbxxM90KgP7x8CsaQkcmnljZ3KHin:KJsuOOz5mBBDU0Kex87myK

Score

N/A

Malware Config

Signatures

Files

fe6b03630b1ac00171b4f2f1918930b1194069ef5fe88a2822bd8678e50fc208
.exe windows x86

7efa07f470ce50f92db45864c131c1f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
GlobalLock
GlobalAlloc
OpenEventW
WideCharToMultiByte
lstrlenA
CreateThread
GetPrivateProfileStringW
GetPrivateProfileIntW
WriteFile
SetFilePointerEx
ReadFile
GetVersionExW
WritePrivateProfileStringW
SetFilePointer
FlushFileBuffers
SetEndOfFile
SetFileAttributesW
GetFileAttributesW
GetFileSizeEx
Process32NextW
OutputDebugStringW
Process32FirstW
CreateToolhelp32Snapshot
CopyFileW
CompareStringW
lstrcpyW
MulDiv
TerminateProcess
SetConsoleMode
ReadConsoleInputA
InterlockedIncrement
CreateFileW
DeviceIoControl
LoadLibraryW
GlobalUnlock
GlobalFree
SetLastError
GetCurrentProcess
FlushConsoleInputBuffer
GetVersionExA
GlobalMemoryStatus
GetVersion
SetEnvironmentVariableA
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
MultiByteToWideChar
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
QueryPerformanceCounter
GetCommandLineW
GetEnvironmentStringsW
FlushInstructionCache
GetStartupInfoA
SetHandleCount
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
GetConsoleMode
GetConsoleCP
GetModuleFileNameA
GetStdHandle
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualProtect
ExitThread
ExitProcess
RtlUnwind
GetFileType
SystemTimeToFileTime
LocalFileTimeToFileTime
GetEnvironmentVariableW
SetEnvironmentVariableW
TlsFree
TlsAlloc
OpenThread
TlsSetValue
TlsGetValue
ReleaseMutex
CreateFileA
GetSystemTimeAsFileTime
FormatMessageW
GetSystemTime
LocalFree
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
InterlockedExchange
CreateEventW
ResumeThread
TerminateThread
SetEvent
ResetEvent
WaitForMultipleObjects
Sleep
WaitForSingleObject
SetCurrentDirectoryW
GetWindowsDirectoryW
MoveFileW
MoveFileExW
FindNextFileW
FindFirstFileW
FindClose
CreateProcessW
GetTickCount
GetTempPathW
GetTempFileNameW
DeleteFileW
LoadLibraryExW
lstrcmpiW
InterlockedDecrement
lstrlenW
CreateMutexW
GetLastError
GetCurrentProcessId
OpenProcess
GetModuleHandleW
RaiseException
GetProcAddress
CloseHandle
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetCurrentThreadId
FreeLibrary
FreeEnvironmentStringsW
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection

user32

MessageBoxW
DefWindowProcW
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
UnregisterClassA
PostThreadMessageW
GetWindowLongW
SetWindowTextW
GetParent
DestroyWindow
CharNextW
GetDesktopWindow
GetDlgItem
IsDialogMessageW
SetWindowPos
MapWindowPoints
GetClientRect
GetMonitorInfoW
GetWindow
GetWindowRect
SetForegroundWindow
DrawTextW
SendMessageW
FillRect
DrawIconEx
PtInRect
OffsetRect
CreateWindowExW
PostMessageW
ScreenToClient
GetWindowDC
ReleaseDC
InvalidateRect
GetClassInfoExW
LoadCursorW
BeginPaint
EndPaint
SetCursor
GetCursorPos
RegisterClassExW
CallWindowProcW
CreateDialogParamW
IsWindow
GetPropW
MonitorFromWindow
DispatchMessageW
TranslateMessage
GetMessageW
GetDialogBaseUnits
GetDC
DestroyIcon
ShowWindow
SetWindowLongW
IsIconic
LoadBitmapW
KillTimer
InflateRect
FrameRect
ClientToScreen
WindowFromPoint
MessageBeep
SetDlgItemTextW
SetTimer
SetPropW
LoadIconW
GetActiveWindow
GetClassNameW
DialogBoxParamW
DestroyCursor
GetCapture
GetSysColor
GetFocus
GetDlgCtrlID
SetFocus
IsWindowEnabled
UpdateWindow
DrawFocusRect
SetRectEmpty
RemovePropW
ReleaseCapture
FindWindowW
IsWindowVisible
SwitchToThisWindow
SetCapture
EnableWindow
MoveWindow
GetWindowTextLengthW
GetWindowTextW
EndDialog

gdi32

SetBkColor
SetBkMode
GetTextMetricsW
GetTextExtentPointW
GetStockObject
StretchBlt
CreateDIBSection
CreateFontIndirectW
SetDIBColorTable
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
CreatePen
ExtTextOutW
BitBlt
LineTo
MoveToEx
SetTextColor
GetTextColor
DeleteObject
SelectObject
DeleteDC
GetDIBColorTable
GetObjectW

advapi32

RegSetValueExW
ReportEventA
DeregisterEventSource
LookupAccountSidW
GetTokenInformation
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExA
RegisterEventSourceA

shell32

ShellExecuteW
ShellExecuteExW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitializeEx
CoInitialize
CreateStreamOnHGlobal

oleaut32

SysAllocStringByteLen
VariantClear
SysStringLen
VarUI4FromStr
SysStringByteLen
VariantInit
SysFreeString
SysAllocString

shlwapi

PathIsDirectoryW
PathCombineW
PathIsRelativeW
PathRemoveFileSpecW
PathFileExistsW
SHGetValueW
PathAppendW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

AlphaBlend
TransparentBlt

gdiplus

GdiplusShutdown
GdipAlloc
GdipFree
GdipDisposeImage
GdipDeleteGraphics
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth

psapi

EnumProcesses
GetModuleFileNameExW

iphlpapi

GetAdaptersInfo

ws2_32

WSAStartup
socket
setsockopt
htons
bind
ioctlsocket
closesocket
WSACleanup
sendto
recvfrom
inet_ntoa
htonl
inet_addr

wininet

HttpQueryInfoW
HttpSendRequestW
InternetOpenUrlW
InternetReadFile
InternetOpenW
InternetSetOptionW
InternetConnectW
HttpOpenRequestW
InternetCloseHandle

Sections

.text
Size: 545KB - Virtual size: 544KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7efa07f470ce50f92db45864c131c1f9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

psapi

iphlpapi

ws2_32

wininet

Sections

.text Size: 545KB - Virtual size: 544KB

.rdata Size: 160KB - Virtual size: 159KB

.data Size: 12KB - Virtual size: 31KB

.rsrc Size: 220KB - Virtual size: 224KB

.text
Size: 545KB - Virtual size: 544KB

.rdata
Size: 160KB - Virtual size: 159KB

.data
Size: 12KB - Virtual size: 31KB

.rsrc
Size: 220KB - Virtual size: 224KB