8d1c7b53fe3f8184a97115ef0ed0573acc7d9413a3372027a063ecb18e7b0b6d

Sharing

Copy URL Twitter E-mail

General

Target

8d1c7b53fe3f8184a97115ef0ed0573acc7d9413a3372027a063ecb18e7b0b6d
Size

864KB
MD5

04f6bd8759a202d23db48f597d4b57e0
SHA1

96bf2610197d0ffcb2355c7161cf6c9f1d4696be
SHA256

8d1c7b53fe3f8184a97115ef0ed0573acc7d9413a3372027a063ecb18e7b0b6d
SHA512

886162773be2391c614ab262cbdf177172a4e08eb63b80bb1abb19af43f31d0a79514ee3d115924eb9511f5f7663bf3bfa06d434cd967fe393a61868c0a1d042
SSDEEP

12288:W/xHnQX1Vsza2cLaqYniTjYHGbSW8j8254Nd2pUgG/bDHGaSFmk5hZfKZMUJ:WJQXQUXYm2j8i4NkDGjSaSHnhKZMUJ

Score

N/A

Malware Config

Signatures

Files

8d1c7b53fe3f8184a97115ef0ed0573acc7d9413a3372027a063ecb18e7b0b6d
.exe windows x86

16afe91355ca38c1e0a60e476ef22516

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCreateFromHDC
GdipDeleteGraphics
GdipCreateSolidFill
GdipDeleteBrush
GdipFree
GdipDrawLineI
GdipDeletePen
GdipCreatePen1
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromStream
GdipFillRectangleI
GdipAlloc
GdiplusStartup

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ws2_32

select
__WSAFDIsSet
closesocket
recv
send
connect
htons
shutdown
WSACleanup
gethostbyname
socket
WSAStartup
inet_addr
WSAGetLastError

wininet

HttpOpenRequestA
InternetOpenA
InternetSetOptionW
HttpQueryInfoA
FindFirstUrlCacheEntryA
InternetQueryOptionW
FindCloseUrlCache
DeleteUrlCacheEntryA
InternetWriteFile
InternetOpenUrlA
InternetOpenW
InternetConnectA
InternetCloseHandle
HttpEndRequestW
FindNextUrlCacheEntryA
InternetReadFile
HttpSendRequestA
InternetQueryOptionA
InternetGetCookieA
InternetCrackUrlA
InternetQueryDataAvailable
InternetSetOptionA
HttpSendRequestExW

kernel32

WaitForSingleObject
GetTickCount
CreateProcessW
GetSystemInfo
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
TerminateProcess
Sleep
Process32NextW
CopyFileW
FindFirstFileW
FindNextFileW
FindClose
GlobalFree
GetVersionExW
GetSystemDefaultLCID
RemoveDirectoryW
GetCurrentProcessId
WaitForMultipleObjects
SetUnhandledExceptionFilter
GetModuleHandleW
FlushInstructionCache
SearchPathW
EnterCriticalSection
LeaveCriticalSection
SetLastError
GlobalAlloc
FindResourceW
SizeofResource
LockResource
LoadResource
QueryPerformanceCounter
InitializeCriticalSection
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
GetFileSize
ReadFile
CreateFileMappingW
InterlockedIncrement
InterlockedExchange
CreateDirectoryW
InterlockedExchangeAdd
CreateThread
SystemTimeToFileTime
GetStdHandle
GetLocalTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
SetFilePointer
InterlockedDecrement
MoveFileW
InterlockedCompareExchange
HeapFree
GetProcessHeap
SetEvent
FreeLibrary
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
GetProcAddress
LoadLibraryW
WriteFile
CreateFileW
DeleteFileW
ExpandEnvironmentStringsW
CloseHandle
GetCurrentProcess
RaiseException
GetLastError
CreateEventW
GetCurrentThreadId
VirtualAlloc
UnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
ExitThread
GetStartupInfoW
GetSystemTimeAsFileTime
RtlUnwind
HeapSize
ExitProcess
HeapCreate
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
CreateFileA
DeleteCriticalSection
GetModuleHandleA

user32

UnregisterClassW
DrawIconEx
RegisterClassExW
DestroyWindow
SetFocus
DrawFocusRect
ScreenToClient
GetCursorPos
CallWindowProcW
DefWindowProcW
SetWindowLongW
GetKeyState
LoadCursorW
DrawTextW
GetSystemMetrics
SetWindowPos
MapWindowPoints
GetClientRect
GetWindowRect
GetWindow
GetWindowLongW
SetCursor
DrawEdge
EqualRect
InvalidateRect
KillTimer
IntersectRect
OffsetRect
SystemParametersInfoW
SetWindowTextW
CreateWindowExW
GetParent
SendMessageW
LoadImageW
PostQuitMessage
GetSysColor
wsprintfW
BringWindowToTop
MessageBoxW
PostMessageW
PostThreadMessageW
ShowWindow
IsWindowVisible
IsWindow
PeekMessageW
GetMessageW
SetCapture
ReleaseCapture
TrackMouseEvent
RedrawWindow
GetCapture
GetUpdateRect
BeginPaint
EndPaint
TranslateMessage
DispatchMessageW
SetPropW
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
UpdateLayeredWindow
GetDC
ReleaseDC
SetTimer
GetForegroundWindow
GetPropW
FindWindowW
UnregisterClassA
CopyRect

gdi32

StretchBlt
GetViewportOrgEx
CreateFontIndirectW
GetTextExtentPoint32W
GetTextColor
GetCurrentObject
BitBlt
CreateDIBSection
CreateCompatibleDC
SelectClipRgn
SetViewportOrgEx
ExtSelectClipRgn
CreateRectRgnIndirect
ExtTextOutW
GetClipBox
GetStockObject
CreatePen
SetTextColor
SetBkMode
SelectObject
RestoreDC
SaveDC
GetObjectW
DeleteDC
SetBkColor
DeleteObject
CreateFontW

advapi32

RegCloseKey
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptSetKeyParam
CryptImportKey
CryptAcquireContextW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegSetValueExA
RegCreateKeyW
RegOpenKeyW
RegEnumValueA
RegDeleteKeyW
RegEnumValueW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW

shell32

SHChangeNotify
ShellExecuteW
ShellExecuteExW

ole32

CreateStreamOnHGlobal
CoUninitialize
CoInitialize

shlwapi

StrCmpIW
SHSetValueW
SHGetValueA
SHGetValueW
PathFileExistsW
PathAppendW

Sections

.text
Size: 423KB - Virtual size: 423KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 303KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

16afe91355ca38c1e0a60e476ef22516

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

version

ws2_32

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 423KB - Virtual size: 423KB

.rdata Size: 120KB - Virtual size: 119KB

.data Size: 9KB - Virtual size: 26KB

.rsrc Size: 303KB - Virtual size: 304KB

.text
Size: 423KB - Virtual size: 423KB

.rdata
Size: 120KB - Virtual size: 119KB

.data
Size: 9KB - Virtual size: 26KB

.rsrc
Size: 303KB - Virtual size: 304KB