Static task: static1
Behavioral task: behavioral1
Sample: 8e92be898539aacf269ff00cd584fdb0c8fb73fcf9a40f26a9dcd39cb5344797.exe
Resource: win7-20220901-en
General
Target: 8e92be898539aacf269ff00cd584fdb0c8fb73fcf9a40f26a9dcd39cb5344797
Size: 833KB
MD5: 07092adc60cc488bc88648b2efbf6170
SHA1: e4bc084e034aedae0ffcdcdb7d39b3610fe65cfa
SHA256: 8e92be898539aacf269ff00cd584fdb0c8fb73fcf9a40f26a9dcd39cb5344797
SHA512: 61263d93487c3403beefbde1cbd9be45ee9d07e6ce0c317c92c335241212a33916fad8bf16ef320160ab1ecb60cecc344510432319c6998d2b40cfd66b9af7dd
SSDEEP: 12288:djlR8u26kxFvS4O9AtMeWULWwOR6N9r2fABVPNRA0jag/Kj5HWUue/2H1:dN26cwnwOR6CI3AWKlWc/q
Malware Config
Signatures
Files
8e92be898539aacf269ff00cd584fdb0c8fb73fcf9a40f26a9dcd39cb5344797.exe windows x86
0a6486b755f55abc1e6275da979b8773
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
RtlUnwind
RaiseException
ExitProcess
SetStdHandle
GetFileType
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetSystemInfo
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SizeofResource
LockResource
SetErrorMode
GetFileTime
GetFileSizeEx
SetFileAttributesW
GetProcessHeap
FindNextFileW
RemoveDirectoryW
GetDiskFreeSpaceW
GetLogicalDrives
CreateProcessW
GetDriveTypeW
VirtualAlloc
VirtualProtect
HeapAlloc
HeapFree
GetStringTypeA
GetStartupInfoW
LoadResource
FindResourceW
lstrcpyW
lstrcmpW
OpenProcess
CloseHandle
lstrlenW
WideCharToMultiByte
GetLastError
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
GetModuleHandleW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
Sleep
InterlockedDecrement
CreateFileW
lstrcatW
WinExec
FreeResource
CompareStringW
GetModuleFileNameW
SetCurrentDirectoryW
CreateMutexW
CreateDirectoryW
CreateThread
WaitForSingleObject
GetFullPathNameW
lstrcmpiW
TerminateThread
DeleteFileW
GetFileAttributesW
MultiByteToWideChar
GetSystemTimeAsFileTime
GetLocalTime
WriteFile
GetCurrentDirectoryW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
ReadFile
GetPrivateProfileStringW
WritePrivateProfileStringW
FlushFileBuffers
QueryDosDeviceW
GetProcessTimes
GetTickCount
GlobalFlags
GetThreadLocale
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryExW
CompareStringA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
GetCurrentProcessId
GetModuleHandleA
lstrlenA
lstrcmpA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
LoadLibraryW
LoadLibraryA
FreeLibrary
GetProcAddress
GetVersionExA
SetLastError
FormatMessageW
LocalFree
MulDiv
FileTimeToLocalFileTime
FileTimeToSystemTime
user32
ValidateRect
MessageBeep
GetNextDlgGroupItem
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
SetWindowContextHelpId
MapDialogRect
SetCapture
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
IsWindowEnabled
MoveWindow
SetWindowTextW
SetDlgItemTextW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
DestroyMenu
SetActiveWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
IsWindowVisible
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
FindWindowW
GetDC
ReleaseDC
CallWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetMenuState
GetMenuItemID
GetMenuItemCount
GetShellWindow
CharNextW
UnregisterClassW
RegisterClipboardFormatW
GetDesktopWindow
GetForegroundWindow
CharUpperW
PostThreadMessageW
GetLastActivePopup
ReleaseCapture
PostMessageW
GetWindowRect
SetWindowPos
LoadBitmapW
UpdateLayeredWindow
GetClientRect
GetDlgItemTextW
GetDlgItem
OffsetRect
DefWindowProcW
LoadCursorW
EndDialog
RegisterClassExW
GetSystemMetrics
SendMessageW
ShowWindow
PostQuitMessage
EnableWindow
GetWindowLongW
FrameRect
InflateRect
InvalidateRect
UpdateWindow
wsprintfW
LoadImageW
KillTimer
SetWindowLongW
SetMenu
TrackMouseEvent
SetTimer
GetMessagePos
ScreenToClient
PtInRect
SetCursor
GetSysColor
GetWindowDC
SystemParametersInfoW
CopyRect
GetSysColorBrush
SetRect
GrayStringW
DrawTextExW
TabbedTextOutW
RedrawWindow
DrawTextW
GetWindowThreadProcessId
BringWindowToTop
GetSubMenu
SetForegroundWindow
AppendMenuW
SetMenuItemBitmaps
InsertMenuItemW
GetIconInfo
CreatePopupMenu
CreateMenu
GetCursorPos
SetWindowRgn
GetDlgCtrlID
GetWindow
LoadIconW
IsDialogMessageW
TranslateMessage
DispatchMessageW
GetMessageW
WindowFromPoint
ClientToScreen
GetParent
IsWindow
gdi32
GetDIBits
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetMapMode
LineTo
MoveToEx
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
Escape
PtVisible
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
TextOutW
ExtSelectClipRgn
CreateBitmap
CreatePen
CreateSolidBrush
CreateRectRgnIndirect
GetRgnBox
GetMapMode
DPtoLP
GetBkColor
GetTextColor
OffsetViewportOrgEx
ExtTextOutW
CombineRgn
CreateRectRgn
GetTextExtentPoint32W
CreateFontIndirectW
GetStockObject
BitBlt
CreateCompatibleBitmap
SetBitmapBits
GetBitmapBits
GetDeviceCaps
GetObjectW
SetDIBColorTable
SelectObject
RectVisible
GetDIBColorTable
DeleteDC
StretchBlt
DeleteObject
CreateDIBSection
CreateCompatibleDC
SetViewportExtEx
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegOpenKeyW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
shell32
ShellExecuteW
SHGetFileInfoW
Shell_NotifyIconW
comctl32
_TrackMouseEvent
shlwapi
StrFormatByteSizeW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathFileExistsW
PathRemoveFileSpecW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
CLSIDFromString
CLSIDFromProgID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
OleFlushClipboard
CoRegisterMessageFilter
OleUninitialize
oleaut32
SysAllocString
SysFreeString
VariantClear
VariantInit
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
VariantChangeType
SafeArrayDestroy
OleCreateFontIndirect
VariantCopy
VariantTimeToSystemTime
gdiplus
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipReleaseDC
GdipDrawString
GdipDrawImageI
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipDrawImagePointRectI
GdipDisposeImage
GdipCreateSolidFill
GdipFree
GdipCloneBrush
GdipAlloc
GdipDeleteBrush
GdipCreateStringFormat
psapi
EnumProcesses
GetProcessImageFileNameW
wininet
InternetReadFile
InternetOpenUrlW
InternetCloseHandle
HttpQueryInfoW
InternetOpenW
Sections
.text Size: 371KB - Virtual size: 371KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 13KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 347KB - Virtual size: 348KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE