Static task: static1
Behavioral task: behavioral1
Sample: 8a2c593ef00842ded6f194646e8db4bf9a3a03b981ca31d6d9eade917b976612.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 8a2c593ef00842ded6f194646e8db4bf9a3a03b981ca31d6d9eade917b976612.exe
Resource: win10v2004-20220812-en
General
Target: 8a2c593ef00842ded6f194646e8db4bf9a3a03b981ca31d6d9eade917b976612
Size: 2.8MB
MD5: b8e3fbc43133bd12fcee8a8c95f6002c
SHA1: 191f3464b173a4572c54f0e56e84c2ee4a1407f4
SHA256: 8a2c593ef00842ded6f194646e8db4bf9a3a03b981ca31d6d9eade917b976612
SHA512: 008ff766967e9ac757d2d6ec32340f3e8b201ddfc544aa78f487961d67e6430d1b5fbe88479ea4d8aeb6ced770e08333cd8c54c4919426147c44835fb5656eda
SSDEEP: 49152:G2VxwxdUJCJKmzwruPOvCM7iEvVawk02lA6UmFMMW:HvwxdUYJbidCIiYV5krWVmFMMW
Malware Config
Signatures
Files
8a2c593ef00842ded6f194646e8db4bf9a3a03b981ca31d6d9eade917b976612.exe (windows x86)
4fb48bcfe580bbba1b93875487325abb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationA
ShellExecuteA
SHGetSpecialFolderPathA
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteA
user32
SetCursor
IsDialogMessageA
SetFocus
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
GetForegroundWindow
SetTimer
EnableMenuItem
EnableWindow
OpenIcon
RegisterHotKey
UnregisterHotKey
EnumChildWindows
GetWindow
keybd_event
SwapMouseButton
GetFocus
SetClassLongA
LoadCursorFromFileA
ClipCursor
CallNextHookEx
SetWindowsHookExA
BlockInput
SetCapture
SendMessageTimeoutA
CharLowerA
ChangeDisplaySettingsA
EnumDisplaySettingsA
FindWindowA
MoveWindow
GetDlgItem
UnhookWindowsHookEx
GetParent
MsgWaitForMultipleObjects
GetDC
TabbedTextOutA
DrawTextA
GrayStringA
IsWindowVisible
DispatchMessageA
TranslateMessage
GetWindowRect
RedrawWindow
ReleaseDC
GetDesktopWindow
AttachThreadInput
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
GetSystemMetrics
GetCursorPos
PeekMessageA
ShowWindow
GetMessagePos
SetActiveWindow
GetWindowInfo
SetLayeredWindowAttributes
GetWindowLongA
ShowCursor
CharUpperA
ReleaseCapture
GetClassNameA
GetWindowTextA
EnumWindows
GetWindowThreadProcessId
SetCursorPos
GetMessageA
wsprintfA
MessageBoxA
LockWorkStation
GetAsyncKeyState
GetKeyState
GetKeyboardState
ClientToScreen
mouse_event
PostMessageA
CallWindowProcA
SetWindowLongA
ExitWindowsEx
SetForegroundWindow
SetWindowPos
PostQuitMessage
SendMessageA
SetWindowRgn
IsWindowEnabled
GetLastActivePopup
ValidateRect
GetActiveWindow
GetNextDlgTabItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
RegisterClipboardFormatA
UnregisterClassA
PtInRect
GetDlgCtrlID
SetWindowTextA
GetMenuItemCount
SendDlgItemMessageA
EndDialog
CreateDialogIndirectParamA
DestroyMenu
PostThreadMessageA
LoadStringA
GetSysColorBrush
LoadCursorA
LoadIconA
UpdateWindow
MapWindowPoints
GetSysColor
IsWindow
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMessageTime
DefWindowProcA
RemovePropA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
GetMenuItemID
DestroyWindow
GetScrollRange
SetScrollRange
SetScrollPos
SetRect
InflateRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
SetCapture
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
GetCapture
ReleaseCapture
SetTimer
IsWindowVisible
KillTimer
DeleteMenu
GetSystemMenu
DefWindowProcA
GetClassInfoA
IsZoomed
PostQuitMessage
FillRect
InvertRect
IsRectEmpty
ScrollDC
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
CopyAcceleratorTableA
CloseClipboard
wsprintfA
GetDlgItem
FindWindowExA
GetWindowTextA
WinHelpA
LoadBitmapA
CopyRect
ChildWindowFromPointEx
ScreenToClient
GetMessagePos
SetWindowRgn
DestroyAcceleratorTable
GetWindow
GetActiveWindow
SetFocus
IsIconic
PeekMessageA
SetMenu
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
SystemParametersInfoA
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetWindowTextLengthA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
UnregisterClassA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
LoadStringA
GetSysColorBrush
GetMenu
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
TranslateMessage
LoadIconA
GetForegroundWindow
CharUpperA
GetDesktopWindow
GetClassNameA
GetWindowThreadProcessId
FindWindowA
GetClipboardData
kernel32
GetLongPathNameA
GlobalFree
Module32First
Module32Next
GlobalReAlloc
GlobalLock
MoveFileA
SetEndOfFile
GetLastError
SetWaitableTimer
GetCurrentThreadId
RtlZeroMemory
VirtualProtect
IsDebuggerPresent
OpenEventA
CreateEventA
OpenThread
CreateThread
WriteFile
HeapFree
CopyFileA
GetCurrentThread
Sleep
InitializeCriticalSection
Thread32First
Thread32Next
CreatePipe
PeekNamedPipe
ReadFile
GetExitCodeProcess
VirtualFree
lstrcpynA
VirtualAlloc
LoadLibraryA
lstrcmpiA
FlushInstructionCache
ExitProcess
GetTimeFormatA
GetDateFormatA
CreateWaitableTimerA
ResumeThread
GetWindowsDirectoryA
MapViewOfFile
IsDBCSLeadByteEx
SetFileAttributesA
CreateDirectoryA
RemoveDirectoryA
GetEnvironmentVariableA
GetVersionExA
GetCommandLineA
FreeLibrary
WriteProcessMemory
DeleteCriticalSection
CreateProcessA
GetStartupInfoA
SuspendThread
InterlockedIncrement
RtlFillMemory
GetDriveTypeA
DeviceIoControl
QueryDosDeviceA
GetLogicalDriveStringsA
TerminateThread
GetExitCodeThread
CreateRemoteThread
CreateFileA
SetFilePointer
GetPrivateProfileStringA
LCMapStringA
WritePrivateProfileStringA
VirtualFreeEx
WaitForSingleObject
lstrcmpA
GetProcAddress
GetModuleFileNameA
GlobalAlloc
GetUserDefaultLCID
FindClose
FindFirstFileA
FindNextFileA
GetModuleHandleA
GetFileSize
GetLocalTime
VirtualAllocEx
IsBadReadPtr
HeapAlloc
EnterCriticalSection
_lclose
GetOEMCP
GetCPInfo
GetTickCount
GlobalUnlock
FlushFileBuffers
GetProcessVersion
FindResourceA
DebugActiveProcess
lstrlenA
GetCurrentProcess
RtlMoveMemory
GetProcessHeap
GetCurrentProcessId
ReadProcessMemory
lstrcpyn
RtlUnwind
RaiseException
HeapSize
GetACP
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadCodePtr
SetStdHandle
GlobalDeleteAtom
TlsAlloc
LocalAlloc
LocalFree
LeaveCriticalSection
OpenProcess
CloseHandle
SetProcessWorkingSetSize
GetTempPathA
InterlockedDecrement
VirtualProtectEx
VirtualQueryEx
TerminateProcess
DeleteFileA
WideCharToMultiByte
LoadResource
CreateToolhelp32Snapshot
Process32First
Process32Next
MultiByteToWideChar
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
lstrcatA
lstrcpyA
GetVersion
MulDiv
GlobalFlags
SetLastError
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
LockResource
HeapReAlloc
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapSize
RaiseException
GetLocalTime
GetSystemTime
GetFileType
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
FreeEnvironmentStringsW
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
InterlockedDecrement
InterlockedIncrement
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
LCMapStringA
GlobalAlloc
GlobalLock
GlobalUnlock
GetTempPathA
FindFirstFileA
FindClose
GetFileAttributesA
DeleteFileA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
CloseHandle
SetLastError
GetTimeZoneInformation
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetCurrentProcessId
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
Sleep
CreateEventA
CreateThread
WritePrivateProfileStringA
GetVersionExA
GetLastError
LoadLibraryA
FreeLibrary
GetFullPathNameA
WideCharToMultiByte
MultiByteToWideChar
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GlobalReAlloc
FindNextFileA
lstrcpyA
WinExec
lstrlenA
lstrcatA
InitializeCriticalSection
DeleteCriticalSection
GlobalFree
GlobalSize
ExitProcess
GetCurrentThreadId
GetModuleFileNameA
RemoveDirectoryA
ReadFile
LockResource
LoadResource
FindResourceA
SetEvent
CreateFileA
WaitForMultipleObjects
WriteFile
GetProfileStringA
LeaveCriticalSection
EnterCriticalSection
ReleaseSemaphore
ResumeThread
CreateSemaphoreA
GetSystemDirectoryA
GetWindowsDirectoryA
GetCurrentProcess
IsDBCSLeadByte
lstrcmpA
lstrcmpiA
lstrcpynA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
FlushViewOfFile
Process32Next
Process32First
CreateToolhelp32Snapshot
SetFilePointer
GetFileSize
TerminateProcess
OpenProcess
GetProcessVersion
GetVersion
CreateMutexA
ReleaseMutex
TerminateThread
SuspendThread
advapi32
SetSecurityInfo
RegCloseKey
OpenProcessToken
RegDeleteValueA
RegOpenKeyExA
CryptEncrypt
CryptDestroyKey
CryptDecrypt
CryptDeriveKey
GetUserNameA
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextA
LookupAccountSidA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
InitializeAcl
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA
RegCloseKey
ole32
OleInitialize
OleUninitialize
CLSIDFromString
CoRevokeClassObject
CoFreeUnusedLibraries
OleInitialize
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleRun
CoUninitialize
CoRegisterMessageFilter
CoInitialize
crypt32
CryptBinaryToStringA
CryptStringToBinaryA
shlwapi
PathIsSystemFolderA
PathIsDirectoryA
PathUnmakeSystemFolderA
PathIsDirectoryEmptyA
PathRenameExtensionA
StrFormatByteSize64A
PathFileExistsA
PathRemoveBlanksA
StrToInt64ExA
PathFindExtensionA
PathFindFileNameA
PathMakeSystemFolderA
wtsapi32
WTSFreeMemory
WTSEnumerateProcessesA
wininet
InternetConnectA
InternetSetCookieA
InternetGetCookieA
HttpSendRequestA
InternetTimeToSystemTime
HttpOpenRequestA
InternetTimeFromSystemTime
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetGetCookieExA
HttpQueryInfoA
dbghelp
MakeSureDirectoryPathExists
iphlpapi
GetNetworkParams
IcmpCloseHandle
IcmpCreateFile
ws2_32
gethostname
WSACleanup
WSAStartup
gethostbyname
inet_addr
ioctlsocket
inet_ntoa
WSACleanup
closesocket
WSAAsyncSelect
ntohl
accept
getpeername
recv
recvfrom
gdi32
SetWindowExtEx
ExtTextOutA
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetDeviceCaps
GetClipBox
Escape
GetObjectA
SetBkColor
GetStockObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
RectVisible
PtVisible
CreateRoundRectRgn
DeleteObject
CreateFontIndirectA
SelectObject
SetBkMode
SetTextColor
TextOutA
SetMapMode
SetViewportOrgEx
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetStockObject
CreateSolidBrush
FillRgn
CreateRectRgn
CombineRgn
PatBlt
CreatePen
GetObjectA
SelectObject
CreatePatternBrush
CreateHatchBrush
CreateBrushIndirect
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
RealizePalette
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
CreateRectRgnIndirect
SetBkColor
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
SetPixelV
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
CreateBitmap
GetDIBits
GetDeviceCaps
winmm
mciSendStringA
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
waveOutRestart
midiStreamOut
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
psapi
EnumProcesses
GetProcessMemoryInfo
GetProcessImageFileNameA
GetModuleFileNameExA
setupapi
CM_Request_Device_EjectW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
oleaut32
SafeArrayGetElemsize
SafeArrayDestroyDescriptor
SysFreeString
VariantChangeType
VariantInit
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayDestroy
VariantCopy
SysAllocString
VariantClear
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
RegisterTypeLi
LHashValOfNameSys
VarR8FromBool
VarR8FromCy
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCreate
VariantTimeToSystemTime
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
winhttp
WinHttpTimeToSystemTime
WinHttpTimeFromSystemTime
comdlg32
GetFileTitleA
GetSaveFileNameA
ChooseColorA
ChooseFontA
GetOpenFileNameA
GetFileTitleA
powrprof
SetSuspendState
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comctl32
ord17
ord17
ImageList_Destroy
oledlg
ord8
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 252KB - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 552KB - Virtual size: 766KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 280KB - Virtual size: 277KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ