Static task: static1
Behavioral task: behavioral1
Sample: 91e47d116a5fb6edd1994041f9a2470ab0d344e0c09f26bd7d07e1ba4f887423.exe
Resource: win7-20220812-en
General
Target: 91e47d116a5fb6edd1994041f9a2470ab0d344e0c09f26bd7d07e1ba4f887423
Size: 5.3MB
MD5: 436577350e781e3e61deb07d9aa8fea0
SHA1: d8e32ff24dfed5097e7e919b4d8b4f95cbf7449a
SHA256: 91e47d116a5fb6edd1994041f9a2470ab0d344e0c09f26bd7d07e1ba4f887423
SHA512: e3fa985ba174bd3e963d284724863b9145cf115ef83d9eb072476ce25db8b3480e2854604943f59ffc698220f2efdf97b1b9a2f6ebd57eb7e3d28ded99b4a2a8
SSDEEP: 98304:fLc14zhRPsE9AahZaBRmo13jKLoF2nTB55ZpGt:jpJ9tXaBRmo1mo2nt7ZpGt
Malware Config
Signatures
Files
91e47d116a5fb6edd1994041f9a2470ab0d344e0c09f26bd7d07e1ba4f887423.exe windows x86
855fd4e49903b38ca153c70027956ac3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
kernel32
GlobalFlags
TlsGetValue
LocalReAlloc
GetProcessVersion
GlobalSize
FindResourceExA
GetCPInfo
RaiseException
GetOEMCP
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetACP
SetStdHandle
GetFileType
HeapFree
TerminateProcess
HeapSize
GetLocalTime
TlsSetValue
LCMapStringW
SetUnhandledExceptionFilter
GetEnvironmentVariableA
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GlobalAddAtomA
ExitThread
GetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GlobalReAlloc
GetUserDefaultLCID
CompareStringW
SetConsoleCtrlHandler
GetLocaleInfoW
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
LocalFileTimeToFileTime
GlobalAlloc
GetCurrentThread
GetProfileIntA
VirtualProtect
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetStringTypeExA
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
GetFileTime
GetTempFileNameA
GlobalFree
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
LCMapStringA
GetCurrentThreadId
GetModuleFileNameA
FileTimeToLocalFileTime
GetFileSize
SetFilePointer
GetLastError
FormatMessageA
LocalFree
GetFileAttributesA
Sleep
MoveFileA
lstrlenA
lstrcmpA
FindNextFileA
lstrcpyA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
FindFirstFileA
FindClose
DeleteFileA
InterlockedExchange
GetProfileStringA
GlobalGetAtomNameA
GetSystemInfo
GlobalFindAtomA
GlobalDeleteAtom
GetShortPathNameA
SetEndOfFile
SetErrorMode
IsBadWritePtr
GetFullPathNameA
GlobalMemoryStatus
LocalAlloc
GetCurrentProcess
GetTickCount
GetWindowsDirectoryA
lstrcatA
WinExec
WideCharToMultiByte
lstrlenW
LockResource
LoadResource
FindResourceA
SizeofResource
SetEnvironmentVariableA
GetUserDefaultLangID
GetSystemDefaultLangID
SetLastError
SetCurrentDirectoryA
RemoveDirectoryA
CopyFileA
SetFileAttributesA
ReadFile
EnterCriticalSection
MulDiv
LeaveCriticalSection
ResumeThread
InitializeCriticalSection
TerminateThread
GetThreadPriority
SuspendThread
SetThreadPriority
SetEvent
WaitForMultipleObjects
WaitForSingleObject
FreeLibrary
CreateEventA
CreateThread
SetFileTime
LoadLibraryA
GetVersion
lstrcpynA
GetCurrentDirectoryA
CreateMutexA
GetTimeFormatA
GetNumberFormatA
GetDateFormatA
lstrcmpiA
GetThreadLocale
GetLocaleInfoA
SystemTimeToFileTime
CompareStringA
FileTimeToSystemTime
CreateFileA
GetLogicalDriveStringsA
WriteFile
MultiByteToWideChar
GetVolumeInformationA
GetTempPathA
GetDiskFreeSpaceA
GetModuleHandleA
GetProcAddress
GetVersionExA
GetDriveTypeA
CreateDirectoryA
HeapAlloc
GetSystemTime
HeapCreate
GetEnvironmentStringsW
HeapDestroy
SetHandleCount
FatalAppExitA
EnumSystemLocalesA
user32
ShowOwnedPopups
InvertRect
DefFrameProcA
PostQuitMessage
DrawMenuBar
IsClipboardFormatAvailable
TranslateMDISysAccel
SetWindowContextHelpId
GetDialogBaseUnits
InsertMenuA
RemoveMenu
DefMDIChildProcA
WaitMessage
GetWindowThreadProcessId
LockWindowUpdate
CopyAcceleratorTableA
GetNextDlgGroupItem
GetTabbedTextExtentA
RegisterClipboardFormatA
PostThreadMessageA
OemToCharA
CharToOemA
GetWindowDC
GetMenuCheckMarkDimensions
CharNextA
SetMenuItemBitmaps
CheckMenuItem
IsDialogMessageA
ScrollWindowEx
GetMenuState
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
EqualRect
DeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
wsprintfA
GetClassInfoA
IsDlgButtonChecked
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetLastActivePopup
MapDialogRect
ValidateRect
GetWindowPlacement
WinHelpA
IsMenu
CopyIcon
MessageBeep
DestroyCursor
LoadStringA
ModifyMenuA
GetMenuStringA
SetMenu
GetMenuItemID
GetMenuItemCount
GetMenuItemInfoA
GetKeyboardLayout
MapVirtualKeyA
GetKeyNameTextA
DrawStateA
GetNextDlgTabItem
IsIconic
ShowWindow
SetMenuDefaultItem
RegisterWindowMessageA
SetActiveWindow
CreateDialogIndirectParamA
GetClassNameA
EnumWindows
AdjustWindowRect
UnregisterClassA
GetIconInfo
DefWindowProcA
TrackPopupMenu
WindowFromPoint
TranslateMessage
GetDCEx
RedrawWindow
GetWindow
GetClassLongA
GetWindowLongA
BeginDeferWindowPos
EndDeferWindowPos
IsRectEmpty
GetSysColorBrush
SystemParametersInfoA
IsChild
GetCursor
GetCapture
SetCapture
GetMessageA
SetCursor
DispatchMessageA
ReleaseCapture
DrawFrameControl
GetMessagePos
PtInRect
AppendMenuA
LoadMenuA
ClientToScreen
GetCursorPos
SetParent
GetAsyncKeyState
DrawEdge
FillRect
SetRect
CallWindowProcA
GetKeyState
GetSystemMetrics
SetWindowPos
LoadCursorA
IsWindowEnabled
DrawIconEx
SetCursorPos
IsZoomed
FindWindowA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
SetRectEmpty
wvsprintfA
CharUpperA
EndDialog
GetActiveWindow
IntersectRect
GetForegroundWindow
DrawTextExA
DrawFocusRect
MessageBoxA
SetWindowTextA
PeekMessageA
GetSystemMenu
EnableMenuItem
TranslateAcceleratorA
DestroyIcon
CreatePopupMenu
InflateRect
UpdateWindow
LoadImageA
LoadBitmapA
IsWindowVisible
GetMenu
GetSubMenu
DeleteMenu
LoadAcceleratorsA
ScreenToClient
MoveWindow
BeginPaint
EndPaint
SetWindowLongA
BringWindowToTop
SetForegroundWindow
GetDlgItem
GetDesktopWindow
GetSysColor
IsWindow
GetClientRect
SetFocus
GetFocus
KillTimer
SetTimer
LoadIconA
PostMessageA
GetDC
ReleaseDC
GetWindowRect
FrameRect
OffsetRect
EnableWindow
GrayStringA
DrawTextA
TabbedTextOutA
GetParent
SendMessageA
InvalidateRect
CopyRect
IsCharLowerA
MapVirtualKeyExA
RegisterClassA
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
HideCaret
gdi32
GetTextExtentPointA
GetDCOrgEx
SaveDC
RestoreDC
StartDocA
SetBkMode
SetPolyFillMode
SelectPalette
SetStretchBltMode
SetMapMode
SetROP2
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
SetWindowOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SetWindowExtEx
IntersectClipRect
OffsetClipRgn
ExcludeClipRect
GetTextFaceA
CreateDIBitmap
MoveToEx
SetTextAlign
SetTextJustification
LineTo
SetMapperFlags
GetCurrentPositionEx
SetTextCharacterExtra
SetArcDirection
PolyDraw
ArcTo
SetColorAdjustment
PolyBezierTo
PolylineTo
SelectClipPath
ExtSelectClipRgn
GetClipRgn
GetObjectType
EnumMetaFile
PlayMetaFileRecord
GetViewportExtEx
GetWindowExtEx
PlayMetaFile
CreatePatternBrush
CreateDIBPatternBrushPt
ExtCreatePen
GetMapMode
SetRectRgn
LPtoDP
AbortDoc
EndDoc
CombineRgn
StartPage
SetAbortProc
EndPage
StretchDIBits
GetCharWidthA
CreateDCA
EnumFontFamiliesExA
GetNearestColor
CopyMetaFileA
GetPolyFillMode
GetTextAlign
GetStretchBltMode
GetROP2
GetBkMode
GetTextColor
GetCurrentObject
CreateBitmap
StretchBlt
GetBkColor
DPtoLP
GetViewportOrgEx
GetDeviceCaps
GetWindowOrgEx
GetClipBox
PatBlt
CreateRectRgnIndirect
GetStockObject
GetTextMetricsA
CreateRectRgn
FrameRgn
CreateHatchBrush
SelectObject
SetBkColor
SetTextColor
DeleteDC
CreateSolidBrush
Rectangle
DeleteObject
GetTextExtentPoint32A
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetObjectA
CreateFontIndirectA
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontA
GetBitmapBits
BitBlt
comdlg32
GetSaveFileNameA
CommDlgExtendedError
PageSetupDlgA
GetFileTitleA
PrintDlgA
GetOpenFileNameA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
shell32
DragAcceptFiles
Shell_NotifyIconA
SHGetDataFromIDListA
SHGetDesktopFolder
ExtractIconA
DragQueryFileA
DragFinish
ShellExecuteA
SHBrowseForFolderA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFileInfoA
comctl32
ord17
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetIcon
ImageList_SetBkColor
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_DrawEx
_TrackMouseEvent
ImageList_GetImageCount
ImageList_Merge
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Read
ImageList_Write
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
oledlg
ord8
ole32
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
OleRegGetUserType
ReadClassStg
ReadFmtUserTypeStg
OleDuplicateData
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoRevokeClassObject
CreateBindCtx
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize
ReleaseStgMedium
CoCreateGuid
StringFromCLSID
CoTaskMemFree
StgOpenStorageOnILockBytes
CoFreeUnusedLibraries
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoTreatAsClass
CoDisconnectObject
StgCreateDocfileOnILockBytes
CoGetClassObject
RegisterDragDrop
CoRegisterClassObject
CoRegisterMessageFilter
OleUninitialize
OleInitialize
OleRun
CreateILockBytesOnHGlobal
RevokeDragDrop
OleGetClipboard
CoLockObjectExternal
olepro32
ord253
oleaut32
VarBstrFromDate
SysFreeString
LoadTypeLi
SysStringLen
SafeArrayCreateVector
SysReAllocStringLen
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
SafeArrayRedim
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysStringByteLen
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayGetLBound
VariantClear
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
shlwapi
SHDeleteKeyA
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 300KB - Virtual size: 299KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 80KB - Virtual size: 872KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 132KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.prdata Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
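Two things in the section table above deserve a second look before trusting the import list as the whole story. First, `.text` and `.prdata` are both mapped IMAGE_SCN_MEM_EXECUTE and IMAGE_SCN_MEM_WRITE; the Microsoft linker emits `.text` as CODE|EXECUTE|READ by default, so a writable code section plus an extra executable section is the pattern left by run-time packers and protectors that patch code in place, although this report does not identify one. Second, `.data` occupies 80KB on disk but 872KB in memory, which means roughly 790KB of zero-filled memory is reserved at load time, exactly the kind of space an unpacking stub fills before the real import table is resolved (`.didat` is the MSVC delay-load import section, so some imports are not even in `.idata`). The script below is an added example, not part of the sandbox report or the Triage tooling: it parses raw IMAGE_SECTION_HEADER entries, decodes the characteristic bits into the IMAGE_SCN_* names used above, and flags W+X sections and sections with a large virtual-to-raw ratio. The byte sizes are approximations of the MB/KB figures in the report, constructed here for the test data; the ratio threshold of 4 is my own choice, not a documented heuristic.

```python
"""Decode PE section headers and flag writable+executable sections and
sections whose virtual size dwarfs their on-disk size."""
from __future__ import annotations

import struct
from dataclasses import dataclass

# IMAGE_SECTION_HEADER.Characteristics bits, from winnt.h
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_CNT_UNINITIALIZED_DATA = 0x00000080
IMAGE_SCN_MEM_DISCARDABLE = 0x02000000
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000

FLAG_NAMES = {  # insertion order matches the order the report prints them
    IMAGE_SCN_CNT_CODE: "IMAGE_SCN_CNT_CODE",
    IMAGE_SCN_CNT_INITIALIZED_DATA: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    IMAGE_SCN_CNT_UNINITIALIZED_DATA: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    IMAGE_SCN_MEM_DISCARDABLE: "IMAGE_SCN_MEM_DISCARDABLE",
    IMAGE_SCN_MEM_EXECUTE: "IMAGE_SCN_MEM_EXECUTE",
    IMAGE_SCN_MEM_READ: "IMAGE_SCN_MEM_READ",
    IMAGE_SCN_MEM_WRITE: "IMAGE_SCN_MEM_WRITE",
}

# IMAGE_SECTION_HEADER is 40 bytes: Name[8], VirtualSize, VirtualAddress,
# SizeOfRawData, PointerToRawData, PointerToRelocations, PointerToLinenumbers,
# NumberOfRelocations, NumberOfLinenumbers, Characteristics
SECTION_HEADER = struct.Struct("<8sIIIIIIHHI")
SLACK_RATIO = 4  # virtual/raw ratio above which a section is flagged (own threshold)


@dataclass
class Section:
    name: str
    virtual_size: int
    raw_size: int
    characteristics: int

    def flags(self) -> list[str]:
        return [n for bit, n in FLAG_NAMES.items() if self.characteristics & bit]

    def is_writable_executable(self) -> bool:
        wx = IMAGE_SCN_MEM_WRITE | IMAGE_SCN_MEM_EXECUTE
        return self.characteristics & wx == wx

    def slack_ratio(self) -> float:
        # raw_size 0 means pure BSS: infinite slack if anything is mapped at all
        if self.raw_size == 0:
            return float("inf") if self.virtual_size else 0.0
        return self.virtual_size / self.raw_size


def parse_section_table(blob: bytes, count: int) -> list[Section]:
    """Parse `count` consecutive IMAGE_SECTION_HEADERs starting at blob[0]."""
    if len(blob) < count * SECTION_HEADER.size:
        raise ValueError("section table truncated")
    sections = []
    for i in range(count):
        f = SECTION_HEADER.unpack_from(blob, i * SECTION_HEADER.size)
        name = f[0].rstrip(b"\0").decode("ascii", "replace")
        sections.append(Section(name, f[1], f[3], f[9]))
    return sections


def triage_sections(sections: list[Section]) -> list[str]:
    """Return one finding per W+X section and per over-reserved section."""
    findings = []
    for s in sections:
        if s.is_writable_executable():
            findings.append(f"{s.name}: writable+executable ({', '.join(s.flags())})")
        if s.slack_ratio() > SLACK_RATIO:
            findings.append(f"{s.name}: virtual size {s.virtual_size:#x} is "
                            f"{s.slack_ratio():.1f}x raw size {s.raw_size:#x}")
    return findings


def build_section_header(name: str, vsize: int, rsize: int, chars: int) -> bytes:
    """Pack one header; used only to construct test data, not read from the sample."""
    return SECTION_HEADER.pack(name.encode("ascii").ljust(8, b"\0"),
                               vsize, 0, rsize, 0, 0, 0, 0, 0, chars)


# Constructed table approximating the sizes and flags listed in the report.
_CODE_RWX = (IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE
             | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE)
_DATA_R = IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
_DATA_RW = _DATA_R | IMAGE_SCN_MEM_WRITE
SAMPLE_TABLE = b"".join([
    build_section_header(".text", 0x1B0000, 0x1B0000, _CODE_RWX),
    build_section_header(".rdata", 0x4AC00, 0x4B000, _DATA_R),
    build_section_header(".data", 0xDA000, 0x14000, _DATA_RW),
    build_section_header(".idata", 0x4800, 0x5000, _DATA_RW),
    build_section_header(".didat", 0x800, 0x1000, _DATA_RW),
    build_section_header(".rsrc", 0x300000, 0x300000, _DATA_R),
    build_section_header(".reloc", 0x20800, 0x21000, _DATA_R | IMAGE_SCN_MEM_DISCARDABLE),
    build_section_header(".prdata", 0x11000, 0x11000, _CODE_RWX),
])
SAMPLE_COUNT = 8

if __name__ == "__main__":
    for line in triage_sections(parse_section_table(SAMPLE_TABLE, SAMPLE_COUNT)):
        print(line)
```

Against a real file, point `parse_section_table` at the bytes following the optional header (offset `e_lfanew + 24 + SizeOfOptionalHeader`) with `count` taken from `NumberOfSections`. If both flags fire, the static import list is only what the stub needs; the behavioral task's memory dump is where the resolved imports live, and imports such as WinExec, ShellExecuteA, SetWindowsHookExA and GetLogicalDriveStringsA in the table above are ordinary for an MFC application and prove nothing on their own.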