Static task: static1
Behavioral task: behavioral1
  Sample: 454f6161f860a2298bef7d03f877958d539d99411f6da7beab530380c802350a.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 454f6161f860a2298bef7d03f877958d539d99411f6da7beab530380c802350a.exe
  Resource: win10v2004-20220812-en
General
- Target: 454f6161f860a2298bef7d03f877958d539d99411f6da7beab530380c802350a
- Size: 2.4MB
- MD5: 7d8814ce2ff3e301333394e5c7f88bf4
- SHA1: 2f820e111c974da7daaf89941c03ea11306e5288
- SHA256: 454f6161f860a2298bef7d03f877958d539d99411f6da7beab530380c802350a
- SHA512: be2365951d997420bbfa39373531ef433855cba045180c870f83fbc2ed2ad634ea85c7a9113fa4b0655415b2adf3c9da9f3465a7355be427b856619f22e86df2
- SSDEEP: 24576:0HPuiBpirkVJWC5sOVU2E+RnLnmvvg9jFqOEy0GEqg861ycZTcyPdvv5E6WnB9a0:0vuJgX2uE+RnbqojEGjXo4ybSB9b
Malware Config
Signatures
Files
- 454f6161f860a2298bef7d03f877958d539d99411f6da7beab530380c802350a.exe (windows x86), import hash 7de1f19076d9531b9ec498e06e193426
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileMappingA
CreateFileW
MapViewOfFile
UnmapViewOfFile
FileTimeToLocalFileTime
OpenEventA
WideCharToMultiByte
FindResourceA
SizeofResource
LockResource
LoadResource
CreateThread
GetCommandLineA
FreeResource
WaitForSingleObject
Sleep
SuspendThread
TerminateThread
CloseHandle
ResumeThread
GetModuleFileNameA
GetVersion
CreateEventA
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
ResetEvent
SetEvent
GetProcAddress
LoadLibraryA
GetLocalTime
VirtualAlloc
VirtualFree
FreeLibrary
SetLastError
GetLastError
GetModuleHandleA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcmpW
MultiByteToWideChar
CompareStringA
lstrlenA
GetProcessHeap
SetEnvironmentVariableA
CompareStringW
GetTimeZoneInformation
GetLocaleInfoW
CreateProcessA
GetExitCodeProcess
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
HeapReAlloc
HeapSize
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetHandleCount
GetConsoleMode
GetConsoleCP
LoadLibraryW
IsValidCodePage
GetACP
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
ExitProcess
VirtualQuery
GetSystemInfo
IsBadReadPtr
HeapValidate
GetStartupInfoA
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
RtlUnwind
GetTickCount
WritePrivateProfileStringA
GetFileSizeEx
GetModuleHandleW
FileTimeToSystemTime
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
LocalFree
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetOEMCP
GetCPInfo
VirtualProtect
GlobalFlags
GetAtomNameA
SetErrorMode
InterlockedDecrement
GetModuleFileNameW
GetFileTime
GetFileAttributesA
InterlockedExchange
lstrcmpA
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetCurrentProcessId
FormatMessageA
user32
CharUpperA
SetRectEmpty
SetCursorPos
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetWindowThreadProcessId
TranslateAcceleratorA
LoadAcceleratorsA
EndDialog
CreateDialogIndirectParamA
PostQuitMessage
ShowWindow
MoveWindow
IsDialogMessageA
GetMenuCheckMarkDimensions
RegisterWindowMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SendDlgItemMessageA
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
WinHelpA
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
LoadIconA
PostThreadMessageA
SetScrollRange
SetScrollPos
GetScrollPos
MapDialogRect
EnableWindow
SetWindowContextHelpId
GetForegroundWindow
SetForegroundWindow
TranslateMessage
IsChild
GetLastActivePopup
GetWindow
GetTopWindow
GetNextDlgTabItem
GetNextDlgGroupItem
GetFocus
SetCapture
SetActiveWindow
GetActiveWindow
KillTimer
SetTimer
RedrawWindow
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRgn
InvalidateRect
UpdateWindow
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
IsZoomed
IsIconic
GetSystemMenu
PostMessageA
GetKeyState
SetWindowPos
GetParent
IsWindowEnabled
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
LoadMenuA
SetMenuItemBitmaps
ModifyMenuA
InsertMenuItemA
GetSubMenu
GetMenuItemInfoA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMessageA
GetClipboardFormatNameA
CopyAcceleratorTableA
CharNextA
EnableMenuItem
IsRectEmpty
UnregisterClassA
RegisterClipboardFormatA
CheckMenuItem
InflateRect
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
GrayStringA
DrawTextExA
TabbedTextOutA
DrawFocusRect
DrawStateA
FrameRect
LoadBitmapA
GetSysColorBrush
GetWindowLongA
SetWindowLongA
SetRect
MessageBeep
SetWindowTextA
LoadCursorA
CopyRect
DrawTextA
GetCursorPos
PtInRect
WindowFromPoint
GetCapture
ReleaseCapture
GetDesktopWindow
DrawIconEx
wsprintfA
IsWindow
SendMessageA
LoadImageA
GetDC
ReleaseDC
GetSysColor
FillRect
SetCursor
DestroyIcon
DestroyCursor
TrackPopupMenu
gdi32
GetDeviceCaps
GetObjectA
GetPixel
SetPixel
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject
DeleteObject
CreateRectRgnIndirect
GetRgnBox
GetBkColor
GetTextColor
GetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
PatBlt
TextOutA
ExtTextOutA
GetTextExtentPoint32A
GetTextMetricsA
Escape
CreateFontIndirectA
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
ExtSelectClipRgn
CreateSolidBrush
SetBkMode
GetObjectType
CreatePen
CreatePatternBrush
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
SetThreadToken
RevertToSelf
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenThreadToken
shell32
DragFinish
DragQueryFileA
ShellExecuteExA
comctl32
_TrackMouseEvent
shlwapi
PathFindExtensionA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
PathFindFileNameA
oledlg
ord8
ole32
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoRevokeClassObject
OleFlushClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
StringFromCLSID
OleIsCurrentClipboard
CoRegisterMessageFilter
CoTaskMemFree
CreateStreamOnHGlobal
oleaut32
OleLoadPicture
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SysFreeString
SysAllocString
VariantCopy
VariantTimeToSystemTime
SafeArrayDestroy
OleCreateFontIndirect
SystemTimeToVariantTime
ws2_32
WSACleanup
WSAGetLastError
WSAStartup
gethostbyname
inet_addr
htons
socket
connect
WSAAsyncSelect
closesocket
msvcrt
strncpy
iphlpapi
GetInterfaceInfo
psapi
GetMappedFileNameW
Sections
.text    Size: 1.5MB - Virtual size: 1.5MB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.Romase  Size: 910KB - Virtual size: 912KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.idata   Size: 9KB - Virtual size: 12KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc    Size: 2KB - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.Romase  Size: 4KB - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ