bee7f217ededaddc64967b55de996bf477808b93ff1d7bf7b56dbf73a13a25c5

Sharing

Copy URL Twitter E-mail

General

Target

bee7f217ededaddc64967b55de996bf477808b93ff1d7bf7b56dbf73a13a25c5
Size

1.5MB
MD5

5b417c430eab422318d3229de7b8f768
SHA1

2b304256c2d1f78d7ebc9e2d26c9a1ecb14332a1
SHA256

bee7f217ededaddc64967b55de996bf477808b93ff1d7bf7b56dbf73a13a25c5
SHA512

ad8883c032c2ac8f0e8d385684590869916e38239483e626d42d0d77737c6f44366ee489b8b5d360c6fb9b82ecf60c1c8a9dc89d74e4f2c1cc7b1d07a0bd800b
SSDEEP

24576:ZKMWhY/yTEOrx6NvT04FY7grQWP/f2lnBICL0yNdcYXPAcsG2y:ZdcwyTp6NvT04F8k3Xm6CwyNCmPlr

Score

N/A

Malware Config

Signatures

Files

bee7f217ededaddc64967b55de996bf477808b93ff1d7bf7b56dbf73a13a25c5
.exe windows x86

a819a8412b50fe9abb285d001069c4ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
GetVersionExW
SetEvent
LocalFree
LocalAlloc
CreateFileA
GetWindowsDirectoryW
ExpandEnvironmentStringsW
IsBadReadPtr
GetCurrentDirectoryW
CreateDirectoryW
GetUserDefaultUILanguage
FindClose
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetDriveTypeA
GetCurrentDirectoryA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
FreeResource
TlsFree
GetExitCodeProcess
TlsAlloc
TlsGetValue
GetModuleFileNameA
HeapCreate
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
CreateThread
ExitThread
GetFullPathNameW
IsDebuggerPresent
UnhandledExceptionFilter
FindFirstFileW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GlobalAlloc
GlobalLock
DuplicateHandle
CreatePipe
GetStdHandle
LoadLibraryA
GetSystemDefaultLangID
VirtualQuery
GetLogicalDriveStringsW
IsDBCSLeadByte
GetCPInfo
MoveFileW
SetFileAttributesW
WriteFile
lstrcpynW
SetUnhandledExceptionFilter
SearchPathW
GetProcessHeap
SetErrorMode
VirtualAllocEx
HeapAlloc
HeapFree
CreateEventW
WriteProcessMemory
TerminateProcess
GetPrivateProfileStringW
GetEnvironmentVariableW
WaitForSingleObject
CreateProcessW
ReadFile
CreateFileW
GetFileSize
GetCommandLineW
GetTempFileNameW
GetTickCount
RemoveDirectoryW
GetFileAttributesW
CreateToolhelp32Snapshot
MoveFileExW
ExitProcess
GetSystemTimeAsFileTime
Process32NextW
CopyFileW
FindNextFileW
GetOEMCP
OpenProcess
FlushInstructionCache
InitializeCriticalSection
LockResource
GetVersion
GetModuleFileNameW
FreeLibrary
GetProcAddress
InterlockedIncrement
DeleteCriticalSection
CreateFileMappingW
MultiByteToWideChar
UnmapViewOfFile
SetLastError
FindResourceW
LeaveCriticalSection
lstrlenW
GetSystemDirectoryW
CloseHandle
lstrlenA
LoadLibraryExW
lstrcmpiW
LoadResource
GetCurrentThreadId
GetModuleHandleW
GetCurrentProcess
WideCharToMultiByte
LoadLibraryW
CreateMutexW
RaiseException
FindResourceExW
SizeofResource
EnterCriticalSection
GetLastError
MapViewOfFileEx
ReleaseMutex
GetLocalTime
QueryDosDeviceW
SetFilePointer
GetTempPathW
Sleep
GetSystemInfo
GetCurrentProcessId
DeleteFileW
GetProcessTimes
GetModuleHandleA
Process32FirstW
InterlockedDecrement
TlsSetValue
DebugBreak

user32

CopyImage
LoadImageW
MoveWindow
GetClientRect
LoadStringW
SetRect
SendMessageW
GetClassInfoExW
GetWindowThreadProcessId
PeekMessageW
RegisterClassExW
SetWindowPos
GetParent
CharNextW
MapWindowPoints
DestroyWindow
LoadCursorW
ReleaseDC
InflateRect
GetMessageW
DispatchMessageW
IsWindow
CopyRect
UnregisterClassA
TranslateMessage
EnableWindow
GetForegroundWindow
ShowWindow
SetTimer
SetCapture
GetUserObjectInformationW
ReleaseCapture
OffsetRect
GetSystemMenu
GetKeyState
SetCursor
TrackPopupMenu
PtInRect
GetSystemMetrics
IsWindowVisible
GetSysColor
CloseDesktop
MonitorFromWindow
EndPaint
DrawIconEx
GetMonitorInfoW
GetDlgItem
GetThreadDesktop
GetProcessWindowStation
CallWindowProcW
CloseWindowStation
LoadIconW
GetDlgCtrlID
DefWindowProcW
UpdateLayeredWindow
DestroyIcon
PostQuitMessage
PostThreadMessageW
EqualRect
mouse_event
DrawTextW
KillTimer
ClientToScreen
BeginPaint
DrawFrameControl
FindWindowW
SendMessageTimeoutW
MsgWaitForMultipleObjects
PostMessageW
FindWindowExW
GetWindowLongW
SetWindowLongW
SetForegroundWindow
IsWindowEnabled
CreateWindowExW
GetWindow
GetWindowRect
AttachThreadInput
GetDesktopWindow
InvalidateRect
GetDC
SystemParametersInfoW
GetActiveWindow
SetActiveWindow

gdi32

CreateRectRgn
MoveToEx
SaveDC
RectInRegion
CreateSolidBrush
TextOutW
CreateRectRgnIndirect
LineTo
SelectClipRgn
GetTextExtentPoint32W
RestoreDC
RoundRect
CombineRgn
SetBkMode
GetObjectW
CreatePen
DeleteObject
CreateDIBSection
CreateFontIndirectW
CreateCompatibleBitmap
GetStockObject
SetTextColor
BitBlt
CreateCompatibleDC
Rectangle
DeleteDC
SelectObject
StretchBlt
SetBkColor
CreateBitmap
ExtTextOutW
GetClipRgn

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
SetNamedSecurityInfoW
AllocateAndInitializeSid
FreeSid
SetEntriesInAclW
RegRestoreKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
OpenSCManagerW
DeleteService
ControlService
OpenServiceW
CloseServiceHandle
QueryServiceStatus
RegUnLoadKeyW
AdjustTokenPrivileges
RegQueryValueExW
OpenProcessToken
RegOpenKeyW
LookupPrivilegeValueW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
IsTextUnicode

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHChangeNotify

ole32

CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
OleInitialize
OleUninitialize
CoTaskMemFree

oleaut32

VariantClear
SysAllocString
VariantInit
OleLoadPicture
VarUI4FromStr
SysFreeString

shlwapi

SHDeleteValueW
wnsprintfW
SHDeleteKeyW
PathAddBackslashW
StrToIntA
PathAppendW
PathFileExistsW

comctl32

_TrackMouseEvent

ws2_32

htonl
WSCDeinstallProvider
WSCEnumProtocols
htons

psapi

GetModuleFileNameExW
GetProcessMemoryInfo
GetProcessImageFileNameW

gdiplus

GdipDrawImageI
GdipDeleteGraphics
GdipCreateHBITMAPFromBitmap
GdipCreateFromHDC
GdipDrawImageRectI
GdipFree
GdipAlloc
GdipLoadImageFromStream
GdipCreateBitmapFromStream
GdipCloneImage
GdipGetImageHeight
GdipDisposeImage
GdipCreateImageAttributes
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdiplusShutdown
GdipDrawImageRectRectI
GdiplusStartup
GdipGetImageWidth

wininet

InternetOpenW
InternetOpenUrlW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

fltlib

FilterUnload

crypt32

CryptQueryObject
CryptMsgGetParam
CertFindCertificateInStore
CertGetNameStringW

netapi32

Netbios

Sections

.text
Size: 664KB - Virtual size: 661KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 688KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a819a8412b50fe9abb285d001069c4ce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

ws2_32

psapi

gdiplus

wininet

version

fltlib

crypt32

netapi32

Sections

.text Size: 664KB - Virtual size: 661KB

.rdata Size: 124KB - Virtual size: 122KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 688KB - Virtual size: 688KB

.text
Size: 664KB - Virtual size: 661KB

.rdata
Size: 124KB - Virtual size: 122KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 688KB - Virtual size: 688KB