Static task: static1
Behavioral task: behavioral1
  Sample: 8e9c372cd9565e8ba4b9b7903c78f846be445e6e5e24507239b8f4fb38aa445f.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 8e9c372cd9565e8ba4b9b7903c78f846be445e6e5e24507239b8f4fb38aa445f.exe
  Resource: win10v2004-20220812-en
General
- Target: 8e9c372cd9565e8ba4b9b7903c78f846be445e6e5e24507239b8f4fb38aa445f
- Size: 976KB
- MD5: 3626af7700bdccdd93e24fa67de7380a
- SHA1: a95859635a123cf38cb5a3e621ea623eb6864504
- SHA256: 8e9c372cd9565e8ba4b9b7903c78f846be445e6e5e24507239b8f4fb38aa445f
- SHA512: 36d000c52655c27e043d66c86f213447e4b3eb3fbbb4c3aee915a9560f64b695a01281e99a8f7ea51bc2a0c24a3f56be1a654405dc69260afd7ad005c38605a1
- SSDEEP: 24576:q73Q0s+Yw2dFa3nYCbBWXbCgRt1Qz51m2IPLxdSgqf2:usw2dvCdWrCF+2IjxdOf2
Malware Config
Signatures
Files
- 8e9c372cd9565e8ba4b9b7903c78f846be445e6e5e24507239b8f4fb38aa445f.exe windows x86
  7c9d528d9a42619dbf7c242c5d0a0666
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFileExistsA
ws2_32
gethostbyname
recv
send
htons
connect
getprotobyname
socket
listen
closesocket
setsockopt
WSASetLastError
inet_addr
select
bind
WSAStartup
WSACleanup
shutdown
getpeername
inet_ntoa
accept
gethostname
regclient
MD5_Ex
SelfTest
GetDLLVersion
DoBASE64
CheckRegister
DoDES
GetErrorString
GetValueStr
GetLocalCode
Register
gdiplus
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipGetImageHeight
GdipCloneImage
GdipFree
GdiplusStartup
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipDisposeImage
GdipAlloc
GdipGetImageThumbnail
GdipGetImageEncoders
GdipLoadImageFromFile
wisesmktrigger
SetHook
UnSetHook
kernel32
GetPrivateProfileIntA
WritePrivateProfileStringA
lstrlenW
FileTimeToLocalFileTime
InterlockedIncrement
FormatMessageA
lstrcmpiA
lstrcpynA
FlushFileBuffers
LockFile
UnlockFile
lstrcpyA
SizeofResource
GetThreadLocale
MulDiv
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
SuspendThread
GetFileTime
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
GetProcessVersion
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
RtlUnwind
SetStdHandle
GetLocalTime
RaiseException
CreateThread
ExitThread
GetStartupInfoA
GetCommandLineA
GetACP
TerminateProcess
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetDriveTypeA
GetModuleHandleA
GetPrivateProfileStringA
GetCommModemStatus
GetWindowsDirectoryA
GetSystemDirectoryA
FileTimeToSystemTime
FindNextFileA
GetFullPathNameA
GetFileAttributesA
GetComputerNameA
SystemTimeToFileTime
OpenProcess
GetCurrentProcessId
CreateProcessA
ExitProcess
GetVersionExA
CreateMutexA
lstrcmpA
GetTimeZoneInformation
GetOverlappedResult
WaitCommEvent
ResetEvent
SetCommMask
WaitForMultipleObjects
SetEvent
TerminateThread
GetCommTimeouts
SetCommTimeouts
GetCommState
SetupComm
SetCommState
GetFileType
PurgeComm
ClearCommError
CreateEventA
FreeLibrary
LoadLibraryA
GetProcAddress
GetTempPathA
GetTickCount
SetLastError
GetSystemTime
TlsGetValue
ResumeThread
TlsAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetCurrentThreadId
TlsSetValue
SetThreadPriority
CreateSemaphoreA
ReleaseSemaphore
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
OutputDebugStringA
WriteConsoleA
MoveFileExA
SetEndOfFile
AllocConsole
GetStdHandle
GetModuleFileNameA
LocalAlloc
WriteFile
GetFileSize
ReadFile
GlobalReAlloc
SetFilePointer
CreateFileA
CloseHandle
GlobalHandle
FindResourceA
LoadResource
LockResource
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetVersion
HeapAlloc
HeapFree
CreateDirectoryA
FindFirstFileA
FindClose
WideCharToMultiByte
LocalFree
lstrlenA
MultiByteToWideChar
GetLastError
InterlockedDecrement
GetProfileStringA
GetVolumeInformationA
user32
RegisterClipboardFormatA
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
SetRect
InvalidateRect
InflateRect
GetSysColorBrush
PtInRect
MapDialogRect
SetWindowContextHelpId
ValidateRect
GetDesktopWindow
wvsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
SetWindowTextA
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
CopyRect
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetDlgCtrlID
GetKeyState
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetWindow
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
MessageBoxA
ReleaseDC
GetDC
SendMessageA
EnableWindow
UpdateWindow
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetDlgItem
IsWindowEnabled
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
CharUpperA
GetWindowTextLengthA
GetActiveWindow
EnumWindows
ExitWindowsEx
GetWindowThreadProcessId
IsWindowVisible
GetWindowTextA
GetClassNameA
GetFocus
GetForegroundWindow
AttachThreadInput
LoadStringA
GetTopWindow
wsprintfA
GetWindowLongA
SetForegroundWindow
ShowWindow
GetSubMenu
SetMenuDefaultItem
GetCursorPos
TrackPopupMenu
GetMenuItemID
DefWindowProcA
DestroyMenu
RegisterClassExA
CreateWindowExA
SetWindowLongA
LoadMenuA
OpenDesktopA
OpenInputDesktop
GetThreadDesktop
GetUserObjectInformationA
SetThreadDesktop
CloseDesktop
MessageBeep
VkKeyScanA
GetAsyncKeyState
MapVirtualKeyA
RegisterWindowMessageA
SetCursor
LoadCursorA
GetSysColor
GetWindowRect
ClientToScreen
GetClientRect
ScreenToClient
PostMessageA
FindWindowA
KillTimer
SetTimer
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
PostQuitMessage
LoadIconA
AppendMenuA
GetSystemMenu
DrawIcon
GetSystemMetrics
IsIconic
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
MsgWaitForMultipleObjects
PeekMessageA
PostThreadMessageA
keybd_event
gdi32
EndDoc
EndPage
AbortDoc
StartPage
StartDocA
SaveDC
RestoreDC
SetBkMode
GetTextColor
LPtoDP
PatBlt
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
SetBkColor
CreateSolidBrush
CreateDCA
CreateDIBSection
SelectObject
CreateDIBitmap
CreatePalette
GetDIBits
GetObjectA
BitBlt
RealizePalette
CreateCompatibleDC
StretchBlt
GetDeviceCaps
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SelectPalette
GetStockObject
DeleteObject
GetTextExtentPointA
GdiFlush
DeleteDC
GetBkColor
SetDIBColorTable
GetWindowExtEx
GetViewportExtEx
IntersectClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetTextColor
comdlg32
GetFileTitleA
PrintDlgA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
DeregisterEventSource
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
RegCreateKeyA
CloseServiceHandle
RegDeleteKeyA
RegEnumValueA
LookupPrivilegeValueA
AdjustTokenPrivileges
RegisterEventSourceA
ReportEventA
RegCloseKey
SetServiceStatus
RevertToSelf
OpenProcessToken
ImpersonateLoggedOnUser
RegOpenKeyA
RegDeleteValueA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
shell32
Shell_NotifyIconA
ShellExecuteA
SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA
comctl32
ord17
oledlg
ord8
ole32
OleInitialize
CoTaskMemFree
OleUninitialize
CoUninitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoTaskMemAlloc
OleIsCurrentClipboard
olepro32
ord253
oleaut32
VarBstrFromCy
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen
VariantCopy
SysAllocString
VariantInit
VariantChangeType
VariantClear
SysFreeString
GetErrorInfo
odbc32
ord10
ord41
ord2
ord1
ord50
ord45
ord51
ord15
ord9
ord14
wininet
InternetCanonicalizeUrlA
InternetCrackUrlA
rpcrt4
RpcStringFreeA
UuidToStringA
UuidCreate
Sections
- .text Size: 696KB - Virtual size: 693KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
- .rdata Size: 104KB - Virtual size: 102KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
- .data Size: 60KB - Virtual size: 289KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
- .rsrc Size: 112KB - Virtual size: 111KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ