Static task
static1
Behavioral task
behavioral1
Sample
d39ad27ac7a54cb427d0d27476d2d73a1b11bd9fa7e33919c6b78457808fce8c.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
d39ad27ac7a54cb427d0d27476d2d73a1b11bd9fa7e33919c6b78457808fce8c.exe
Resource
win10v2004-20220812-en
General
-
Target
d39ad27ac7a54cb427d0d27476d2d73a1b11bd9fa7e33919c6b78457808fce8c
-
Size
716KB
-
MD5
5bfdc93ac4443c37a4dcfce1aa57a829
-
SHA1
20f0b04b309880c19d7c8b4fdb5617125c6da8f5
-
SHA256
d39ad27ac7a54cb427d0d27476d2d73a1b11bd9fa7e33919c6b78457808fce8c
-
SHA512
a164670971cf611b2eafa21f11063d111d92f2c6e74bdc8afc3e5e63dae1731c4c00521c870b53593a1efbccfd99c689d91d1f258c43a17e0e55ec5a161facd4
-
SSDEEP
12288:brobg5q1ZzJ1m9C93+xqyQCZKQyHvOglQkNxlSH2EBmMqlkxX/APHxa/qTsDjrQg:brobg5q1ZKc93eQ2VkG5qCxgxaCTGPqW
Malware Config
Signatures
Files
-
d39ad27ac7a54cb427d0d27476d2d73a1b11bd9fa7e33919c6b78457808fce8c.exe windows x86
36a6c34051d7a5a91aa19e0f26af7747
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsBadWritePtr
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualFree
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
HeapCreate
HeapDestroy
GetCurrentProcessId
QueryPerformanceCounter
HeapSize
TerminateProcess
HeapReAlloc
GetCommandLineA
GetStartupInfoA
FindNextFileA
SetCurrentDirectoryA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
GetSystemTimeAsFileTime
HeapFree
RtlUnwind
ExitProcess
FileTimeToLocalFileTime
SetErrorMode
GetCurrentDirectoryA
GetFileTime
GetFileAttributesA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
FileTimeToSystemTime
WritePrivateProfileStringA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedDecrement
SetLastError
MulDiv
GlobalAlloc
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
MultiByteToWideChar
DeleteFileA
GetPrivateProfileStringA
GetTickCount
GetModuleFileNameA
FormatMessageA
LocalFree
lstrcpyA
GetPrivateProfileIntA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
IsBadReadPtr
InterlockedExchange
user32
FillRect
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
TabbedTextOutA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
EnableWindow
PtInRect
GetClientRect
InvalidateRect
LoadImageA
SetCursor
InflateRect
SendMessageA
GetWindowRect
GetDC
ReleaseDC
SetCapture
GetParent
LoadCursorA
GetWindowPlacement
CopyRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
UnregisterClassA
CharUpperA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetWindowDC
BeginPaint
MessageBoxA
GetSystemMetrics
LoadIconA
KillTimer
SetTimer
IsWindowVisible
IsIconic
PostMessageA
DrawIcon
SetWindowLongA
ReleaseCapture
EndPaint
WindowFromPoint
GetCursorPos
FindWindowA
UpdateWindow
IsWindow
PostThreadMessageA
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
CharNextA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
InvalidateRgn
CopyAcceleratorTableA
SetRect
DestroyMenu
IsRectEmpty
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
wsprintfA
GetMenu
SetWindowRgn
GetMenuItemInfoA
gdi32
DeleteObject
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreatePen
CreateEllipticRgn
LPtoDP
Ellipse
CreateRectRgnIndirect
PatBlt
GetMapMode
GetRgnBox
CreateCompatibleBitmap
GetBkColor
GetTextColor
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
CreateSolidBrush
GetTextExtentPoint32A
CreateFontIndirectA
GetStockObject
CreateBitmap
SetPixel
StretchBlt
SetDIBits
GetDIBits
GetCurrentObject
SetBrushOrgEx
Rectangle
CreateDIBSection
CreateCompatibleDC
GetObjectA
BitBlt
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegQueryValueA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
shell32
DragFinish
DragQueryFileA
ShellExecuteA
comctl32
ord17
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_Draw
ImageList_GetImageInfo
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
oledlg
ord8
ole32
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
CoRegisterMessageFilter
OleFlushClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
oleaut32
VariantInit
VariantChangeType
VariantClear
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SysAllocStringLen
SafeArrayDestroy
SysAllocString
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
log
?type_str@log_device@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4log_type@@@Z
?time_str@log_device@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABU_SYSTEMTIME@@@Z
??1log_dev_msgbox@@UAE@XZ
??0log_dev_msgbox@@QAE@I@Z
?stop@my_log@@QAEXXZ
?start@my_log@@QAEXXZ
?bind@my_log@@QAEXAAVlog_device@@@Z
?set_type_str@log_device@@QAEXW4log_type@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0my_log@@QAE@XZ
??1my_log@@QAE@XZ
?write@my_log@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4log_type@@_N@Z
??0log_device@@QAE@II@Z
?open@log_device@@UAE_NXZ
?close@log_device@@UAEXXZ
??1log_device@@UAE@XZ
ws2_32
WSACleanup
WSAStartup
getpeername
inet_ntoa
bsclt
?is_connected@bsclt_socket@@QBE_NXZ
?set_proxy@bsclt_socket@@QAEXHPBDG00@Z
?add_xy_handler@bsclt_socket@@QAEXPAV?$protocol_handler@Vbsclt_socket@@@@@Z
?init_bsclt@@YA_NAAVmy_log@@@Z
?info@bsclt_socket@@QAEAAVsock_info@@XZ
?on_connect@bsclt_socket@@UAEXK@Z
??0bsclt_socket@@QAE@XZ
??1bsclt_socket@@UAE@XZ
?choose_allocator@bsclt_socket@@QAEPAXI@Z
?alloc_size@bsclt_socket@@QAEIPAX@Z
?alloc_packet@bsclt_socket@@QAEPADPAX@Z
?send_packet@bsclt_socket@@QAEXPADII@Z
?release_packet@bsclt_socket@@QAEXPAD@Z
?connect@bsclt_socket@@QAEXPBDG@Z
?close@bsclt_socket@@QAEX_N@Z
?uninit_bsclt@@YAXXZ
netapi32
Netbios
msimg32
AlphaBlend
TransparentBlt
Sections
.text Size: 456KB - Virtual size: 453KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
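IMAGE_SCN_MEM_WRITE
Note: .text is flagged both IMAGE_SCN_MEM_EXECUTE and IMAGE_SCN_MEM_WRITE, so the code section is writable as well as executable. This is atypical for default compiler/linker output and is often associated with packed or self-modifying binaries, though some linker settings also produce it; treat it as a triage indicator to correlate with the behavioral tasks, not as a verdict on its own.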
.rdata Size: 132KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 104KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ