Static task: static1
Behavioral task: behavioral1
Sample: 821bae01e3cc570d8749ab625e29ee137c13024603b21b00f81b62730c8ab87d.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 821bae01e3cc570d8749ab625e29ee137c13024603b21b00f81b62730c8ab87d.exe
Resource: win10v2004-20220812-en
General
Target: 821bae01e3cc570d8749ab625e29ee137c13024603b21b00f81b62730c8ab87d
Size: 549KB
MD5: 565229cb43c7b915defa37cefa31f5d8
SHA1: 7cea05eeae32f420ed6a97712a5ddf553f518f28
SHA256: 821bae01e3cc570d8749ab625e29ee137c13024603b21b00f81b62730c8ab87d
SHA512: 9bf2317008401cfa26750458cbd64a17c73e54cff3f2b4fa45f1f3579610eaa6830860ebf4e9d12273c33cfca8b4c229ec8f1f6d638edd925e5bdf497a6551b5
SSDEEP: 12288:rEcsLBBBG8kMrryXAXTnS0I5uTBX99UB3sUdm6Cgb:rEblBBG8kMrrLDS0IYtXzu8UNCgb
Malware Config
Signatures
Files
821bae01e3cc570d8749ab625e29ee137c13024603b21b00f81b62730c8ab87d.exe windows x86
573ad1dc343a90c42f9df3e00ee0bf07
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
WindowFromPoint
GetClientRect
CharNextA
LoadIconA
RedrawWindow
PostQuitMessage
CopyAcceleratorTableA
TabbedTextOutW
IsMenu
GetDC
GetWindowLongW
SetWindowRgn
GetSysColor
GetWindowTextW
MapDialogRect
CallWindowProcA
GetParent
CharUpperA
CreateWindowExW
SetCapture
GetKeyState
LoadAcceleratorsA
GetWindowTextLengthA
RegisterWindowMessageA
CreateDialogParamA
EmptyClipboard
TabbedTextOutA
IntersectRect
IsChild
GetMenuCheckMarkDimensions
LockWindowUpdate
DdeConnect
SendMessageW
wsprintfA
SendMessageA
DrawTextW
MessageBoxW
SetCursorPos
GetMonitorInfoW
DialogBoxParamA
GetScrollInfo
CharLowerA
SetDlgItemInt
MsgWaitForMultipleObjects
MapVirtualKeyExA
GetDlgCtrlID
GetMenu
IsZoomed
DefWindowProcW
LoadCursorA
LoadIconW
GetSubMenu
TrackPopupMenuEx
GetCapture
GetActiveWindow
DrawIconEx
IsClipboardFormatAvailable
SystemParametersInfoA
ReuseDDElParam
SendDlgItemMessageA
LoadMenuW
GetClipboardData
LoadCursorW
WinHelpA
SetTimer
GetIconInfo
GrayStringW
GetClassInfoA
GetMessageW
SetWindowsHookExA
DdeGetData
RegisterClassA
MapWindowPoints
GetDlgItem
SetWindowLongW
AdjustWindowRectEx
OffsetRect
GetPropA
GetWindowRect
GetClassNameA
ShowWindow
OpenClipboard
GetOpenClipboardWindow
CheckRadioButton
PtInRect
SetWindowLongA
RegisterHotKey
GetMessageA
UnionRect
PostThreadMessageA
DrawTextA
CreateWindowExA
UnhookWindowsHookEx
InsertMenuItemA
GetClassLongA
GetScrollPos
GetAsyncKeyState
BeginDeferWindowPos
SetForegroundWindow
LoadBitmapA
RegisterClipboardFormatA
GetForegroundWindow
ModifyMenuA
GetKeyboardState
SetDlgItemTextW
GetScrollRange
IsWindowEnabled
GetCursorPos
SetScrollInfo
ExcludeUpdateRgn
DdeFreeStringHandle
ReleaseCapture
CopyIcon
EndDeferWindowPos
DeferWindowPos
TrackPopupMenu
CopyRect
GetMenuItemInfoA
DestroyAcceleratorTable
IsIconic
GetMenuStringW
GetSysColorBrush
ValidateRect
GetFocus
MessageBeep
GetUpdateRect
GetDCEx
SetWindowPos
SetFocus
CreateDialogIndirectParamW
GetMenuItemCount
GetLastActivePopup
ReleaseDC
IsWindowVisible
LoadAcceleratorsW
SetWindowContextHelpId
TranslateMessage
SetRectEmpty
GetNextDlgTabItem
InflateRect
GetMessageTime
ShowOwnedPopups
DdeDisconnect
UnpackDDElParam
IsDialogMessageA
DefWindowProcA
SendNotifyMessageA
EnumWindows
UnregisterHotKey
CreatePopupMenu
AppendMenuA
ScreenToClient
ShowCaret
LoadStringA
DrawIcon
FillRect
SetParent
GetClipboardViewer
DeleteMenu
CallWindowProcW
wvsprintfA
DrawFocusRect
GetWindowPlacement
DestroyIcon
IsRectEmpty
DrawFrameControl
SetClassLongA
SetMenu
CreateAcceleratorTableW
DdeUninitialize
CheckMenuItem
CloseClipboard
MoveWindow
UpdateWindow
SetCursor
TranslateAcceleratorA
EqualRect
DispatchMessageA
GrayStringA
GetMenuStringA
GetWindow
SetMenuItemBitmaps
GetWindowRgn
KillTimer
ScrollWindow
PostThreadMessageW
LoadBitmapW
CreateIconIndirect
GetMenuItemID
IsDlgButtonChecked
PeekMessageA
GetDesktopWindow
DestroyMenu
RemovePropA
GetWindowThreadProcessId
DdeClientTransaction
MessageBoxA
GetMenuState
EnableMenuItem
InvalidateRect
LoadImageA
DrawEdge
GetClassNameW
SetActiveWindow
SetRect
HideCaret
CallNextHookEx
GetWindowDC
ClientToScreen
SetWindowTextA
GetTopWindow
CreateMenu
RemoveMenu
GetWindowTextA
GetCaretPos
DestroyWindow
GetSystemMenu
DestroyCursor
LoadMenuA
EnumDisplaySettingsW
ValidateRgn
GetWindowInfo
InvertRect
DrawStateW
IsWindow
RegisterClassExA
SetWindowPlacement
GetWindowLongA
GetSystemMetrics
PostMessageA
DrawStateA
EndDialog
IsWindowUnicode
SetPropA
InsertMenuW
GetMessagePos
IsDialogMessageW
BringWindowToTop
DdeCreateStringHandleA
WaitMessage
FrameRect
EnableWindow
UnregisterClassA
AppendMenuW
advapi32
GetLengthSid
RegQueryInfoKeyA
CryptDestroyKey
CryptDeriveKey
OpenServiceA
RegisterServiceCtrlHandlerA
AccessCheck
RegDeleteKeyW
OpenSCManagerA
RegisterEventSourceA
RegQueryValueExA
RegQueryInfoKeyW
EqualSid
CryptGetHashParam
GetAce
RegSetValueExW
RegCloseKey
StartServiceA
ControlService
ChangeServiceConfigA
RevertToSelf
RegCreateKeyA
DeleteService
RegDeleteKeyA
FreeSid
RegQueryValueA
LookupPrivilegeValueA
RegOpenKeyA
RegSetValueExA
AddAccessAllowedAce
InitializeAcl
RegCreateKeyExA
RegSetValueA
AdjustTokenPrivileges
RegEnumKeyA
RegDeleteValueA
GetUserNameA
SetFileSecurityA
SetServiceStatus
GetAclInformation
CloseServiceHandle
RegEnumValueA
CryptHashData
RegEnumKeyExW
RegQueryValueW
RegDeleteValueW
AllocateAndInitializeSid
RegOpenKeyExA
OpenThreadToken
CreateServiceA
SetEntriesInAclW
GetTokenInformation
InitiateSystemShutdownA
OpenProcessToken
StartServiceCtrlDispatcherA
RegEnumKeyExA
QueryServiceStatus
RegQueryValueExW
RegFlushKey
SetSecurityDescriptorDacl
CryptCreateHash
CryptReleaseContext
comctl32
ImageList_SetImageCount
ImageList_DragEnter
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Replace
ord17
ImageList_SetBkColor
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_BeginDrag
DestroyPropertySheetPage
ImageList_DrawIndirect
ImageList_GetImageInfo
ImageList_DragLeave
ImageList_DrawEx
PropertySheetA
ImageList_Draw
ImageList_GetBkColor
ImageList_Read
ImageList_SetDragCursorImage
ImageList_Add
_TrackMouseEvent
CreatePropertySheetPageA
ImageList_Create
ImageList_Write
ImageList_DragMove
ImageList_Remove
ImageList_LoadImageA
ImageList_AddMasked
InitCommonControlsEx
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_GetIcon
kernel32
CloseHandle
GetSystemTimeAsFileTime
FatalAppExitA
EnumSystemLocalesA
HeapSize
SetEvent
InterlockedIncrement
GetEnvironmentVariableA
GetDriveTypeA
LocalReAlloc
GetVersionExA
LoadResource
IsBadStringPtrA
QueryPerformanceFrequency
lstrlenA
SetEnvironmentVariableA
CreateMutexA
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
HeapFree
GetProcAddress
GetLocalTime
GetThreadLocale
LocalAlloc
GetTempPathA
InterlockedCompareExchange
PurgeComm
GetOEMCP
SetFileAttributesA
GetStartupInfoA
WritePrivateProfileStringA
GetPrivateProfileStringA
Sleep
InterlockedExchange
OpenMutexA
FlushInstructionCache
GetLocaleInfoW
SetFileAttributesW
ReleaseSemaphore
FindFirstFileW
TlsSetValue
FileTimeToSystemTime
GetModuleFileNameA
GetShortPathNameW
FileTimeToLocalFileTime
GetStringTypeW
GetSystemTime
_lopen
lstrcatW
ResetEvent
GetEnvironmentStringsW
RemoveDirectoryA
FreeEnvironmentStringsA
LoadLibraryA
GetACP
MulDiv
SetThreadPriority
GetModuleHandleW
GlobalSize
GetDiskFreeSpaceExA
DuplicateHandle
GlobalUnlock
HeapReAlloc
CreateProcessA
ExpandEnvironmentStringsA
ExitProcess
GlobalFindAtomA
GlobalAlloc
lstrcatA
GetConsoleOutputCP
GetConsoleCP
IsBadCodePtr
ReadFile
GetStringTypeExA
WaitForMultipleObjects
GlobalGetAtomNameA
GetFileTime
MultiByteToWideChar
HeapAlloc
WriteConsoleW
CreateFileW
lstrcmpiW
TerminateProcess
GetFullPathNameW
GetWindowsDirectoryA
SetFilePointer
IsBadWritePtr
CopyFileA
GetDateFormatA
QueryPerformanceCounter
LoadLibraryW
GetStringTypeA
GetModuleFileNameW
GetTempFileNameA
FreeResource
ConvertDefaultLocale
GlobalFree
CreateFileA
DeviceIoControl
GetFullPathNameA
VirtualAlloc
GetTimeZoneInformation
GetFileType
SetHandleCount
TerminateThread
VirtualProtect
SetEndOfFile
lstrcmpA
lstrcpynA
GetDriveTypeW
FindNextFileW
WriteFile
HeapDestroy
WaitForSingleObject
InterlockedDecrement
OpenProcess
_lwrite
GetLocaleInfoA
IsValidLocale
GetPrivateProfileIntA
SetErrorMode
ExitThread
GlobalFlags
CompareStringW
GlobalHandle
SetUnhandledExceptionFilter
FreeLibrary
FormatMessageA
TlsFree
LocalFileTimeToFileTime
LCMapStringW
GetCurrentProcessId
GetCPInfo
LCMapStringA
FlushFileBuffers
SystemTimeToFileTime
GetTickCount
TlsGetValue
GlobalDeleteAtom
GetFileSize
VirtualQuery
CompareFileTime
GetVolumeInformationA
_lcreat
FindClose
CompareStringA
WriteConsoleA
LocalFree
WideCharToMultiByte
GetExitCodeProcess
GetTempPathW
GetTimeFormatA
FileTimeToDosDateTime
_lread
GetSystemInfo
IsBadReadPtr
FindResourceA
GetEnvironmentStrings
RtlUnwind
GetCurrentProcess
CreateEventA
GetUserDefaultLCID
lstrcmpiA
CreateDirectoryA
GetCommandLineA
GetProcessHeap
GetModuleHandleA
IsValidCodePage
GetCurrentDirectoryA
UnhandledExceptionFilter
FindNextFileA
GetDateFormatW
FindResourceExA
HeapCreate
SetFileTime
RaiseException
GetFileAttributesW
OutputDebugStringA
LeaveCriticalSection
SetCommMask
TlsAlloc
GetStdHandle
GetFileAttributesA
FindFirstFileA
GetCurrentThread
WinExec
GetVersion
GetShortPathNameA
EnterCriticalSection
GetUserDefaultLangID
GetDiskFreeSpaceW
CreateThread
SetStdHandle
lstrlenW
LockResource
GetCurrentThreadId
GetAtomNameA
SetLastError
ResumeThread
GlobalLock
FreeEnvironmentStringsW
GetLastError
Sections
.text Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 268KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 91KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ