Static task: static1
Behavioral task: behavioral1 (sample: dbf063ebbc039c1ec0e3f8e0ffd6d259736e5a24b59973eb9022d80c7d24214c.exe, resource: win7-20220812-en)
Behavioral task: behavioral2 (sample: dbf063ebbc039c1ec0e3f8e0ffd6d259736e5a24b59973eb9022d80c7d24214c.exe, resource: win10v2004-20220812-en)
General
Target: dbf063ebbc039c1ec0e3f8e0ffd6d259736e5a24b59973eb9022d80c7d24214c
Size: 1.3MB
MD5: fca0c69571a49b51ee5b12db81531dbb
SHA1: 721470751f0f527b8eb85201337702b42a8adec9
SHA256: dbf063ebbc039c1ec0e3f8e0ffd6d259736e5a24b59973eb9022d80c7d24214c
SHA512: ddf30f85fa001a9ca570913a32cb940e28a93111d914106be1455d02bae7139342352f35cb5fd36e61b68a524c99977b47bef9757e63d89942773a80a3e46109
SSDEEP: 12288:l8F+xRXc2q2lJ03ATsMnYU3r6QI5Qplk+TQ2j+uUZ5doHwzpVFacqKZqK70Dc/+:eF+V0wTn6QI5QJ+uk8cjJq2qVq+
Malware Config
Signatures
Files
dbf063ebbc039c1ec0e3f8e0ffd6d259736e5a24b59973eb9022d80c7d24214c.exe (windows x86)
Imphash: f5ab08e6571e17ad74142dad840d2dc2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitThread
FileTimeToLocalFileTime
GetFileInformationByHandle
FindFirstFileExW
GetFullPathNameW
ExitProcess
Sleep
GetTickCount
GetCommandLineW
CreateMutexW
FreeResource
LockResource
SizeofResource
LoadResource
FindResourceW
lstrcpyW
GetPrivateProfileSectionNamesW
DeleteFileA
CreateThread
DeleteFileW
CloseHandle
DeleteCriticalSection
FindNextFileW
DecodePointer
FindClose
GetProcAddress
GetLastError
RaiseException
GlobalUnlock
lstrlenW
MultiByteToWideChar
lstrcmpW
CreateFileW
GetModuleFileNameW
FileTimeToSystemTime
TerminateProcess
lstrcpynW
CopyFileW
InitializeCriticalSectionAndSpinCount
LoadLibraryW
WideCharToMultiByte
GlobalAlloc
OpenProcess
WriteFile
GetPrivateProfileStringW
GetModuleHandleW
GlobalLock
GetModuleHandleExW
GetCurrentProcess
InterlockedDecrement
MoveFileExW
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileW
InterlockedIncrement
lstrcmpiW
GetLocalTime
FormatMessageW
GetFileAttributesW
CreateDirectoryW
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFilePointer
MulDiv
GetCurrentDirectoryW
GetFileSize
ExpandEnvironmentStringsA
LoadLibraryA
PeekNamedPipe
WaitForMultipleObjects
WaitForSingleObject
FormatMessageA
VerifyVersionInfoA
SleepEx
VerSetConditionMask
InitializeCriticalSection
SetEnvironmentVariableA
SetEndOfFile
WriteConsoleW
SetStdHandle
LoadLibraryExW
FreeLibrary
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
FlushFileBuffers
GetConsoleCP
GetFileType
ReadConsoleW
GetConsoleMode
SetFilePointerEx
HeapSize
GetTimeZoneInformation
GetStdHandle
AreFileApisANSI
GetCurrentThreadId
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
EncodePointer
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
LocalFree
IsDebuggerPresent
OutputDebugStringW
HeapFree
HeapAlloc
IsProcessorFeaturePresent
ReadFile
GetSystemTimeAsFileTime
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
CompareStringW
LCMapStringW
user32
GetSubMenu
GetWindowRect
SetTimer
wsprintfA
FindWindowW
IsWindow
ShowWindow
SetForegroundWindow
LoadMenuW
GetParent
GetCursorPos
TrackPopupMenu
LoadIconW
DestroyIcon
LoadCursorW
SetCursor
InflateRect
UnionRect
OffsetRect
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
PostMessageW
DestroyWindow
IsWindowVisible
IsIconic
IsZoomed
CharNextW
SetFocus
GetActiveWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
ScreenToClient
MapWindowPoints
GetSysColor
IntersectRect
IsRectEmpty
PtInRect
GetWindowLongW
SetWindowLongW
GetWindow
LoadImageW
MonitorFromWindow
GetMonitorInfoW
CallWindowProcW
RegisterClassExW
GetClassInfoExW
EnableWindow
SetPropW
GetPropW
CharPrevW
DrawTextW
FillRect
SetRect
SetWindowRgn
UpdateWindow
UpdateLayeredWindow
MoveWindow
GetWindowRgn
CreatePopupMenu
DestroyMenu
EnableMenuItem
AppendMenuW
CreateCaret
GetCaretBlinkTime
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
EqualRect
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
IsWindowEnabled
DrawTextA
CreateAcceleratorTableW
InvalidateRgn
GetGUIThreadInfo
GetKeyboardLayout
GetKeyNameTextW
MapVirtualKeyExW
wsprintfW
SetWindowPos
DefWindowProcW
GetSystemMetrics
RegisterClassW
MessageBoxW
CreateWindowExW
KillTimer
gdi32
GetCharABCWidthsW
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
GetClipBox
GetTextMetricsW
PlayEnhMetaFile
GetEnhMetaFileHeader
CreateEnhMetaFileW
CloseEnhMetaFile
SaveDC
LineTo
SetWindowOrgEx
BitBlt
GetTextExtentPoint32W
DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
GetObjectA
MoveToEx
TextOutW
GdiFlush
CreateRectRgn
PtInRegion
CreatePatternBrush
GetTextExtentPointA
GetBitmapBits
SetBitmapBits
RestoreDC
Rectangle
RemoveFontMemResourceEx
AddFontMemResourceEx
GetStockObject
GetDeviceCaps
CreatePen
CreateDIBitmap
CreateFontIndirectW
SelectClipRgn
advapi32
CryptHashData
CryptDestroyHash
RegCloseKey
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
RegQueryValueExW
RegOpenKeyExW
shell32
DragQueryFileW
ShellExecuteExW
SHCreateDirectoryExA
CommandLineToArgvW
Shell_NotifyIconW
SHCreateDirectoryExW
ole32
OleLockRunning
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
DoDragDrop
CoCreateInstance
CoInitialize
OleInitialize
OleUninitialize
CoUninitialize
CreateStreamOnHGlobal
oleaut32
VariantInit
VariantClear
SysAllocString
SysFreeString
shlwapi
PathFileExistsW
PathIsDirectoryW
PathIsRootW
PathIsRootA
PathIsDirectoryA
urlmon
URLDownloadToFileW
gdiplus
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipDrawRectangleI
GdipDrawPath
GdipFillRectangleI
GdipFillPath
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCloneBrush
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipTranslateWorldTransform
GdipRotateWorldTransform
ord1
GdipAddPathLine
GdipDeletePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectI
GdipAlloc
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipBitmapLockBits
GdipCloneImage
GdipCreateFromHDC
GdipDrawString
GdipDeleteGraphics
GdipFree
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipGetImageWidth
ws2_32
gethostname
ioctlsocket
sendto
recvfrom
listen
accept
freeaddrinfo
getaddrinfo
WSAIoctl
socket
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
WSASetLastError
select
__WSAFDIsSet
WSAGetLastError
WSACleanup
WSAStartup
gethostbyname
wldap32
ord35
ord79
ord30
ord200
ord301
ord143
ord46
ord211
ord60
ord50
ord41
ord22
ord26
ord27
ord32
ord33
comctl32
InitCommonControlsEx
_TrackMouseEvent
ord17
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
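The import table above is the input from which the report's imphash is derived, and it is also where a first triage pass starts: URLDownloadToFileW next to a full Winsock import set, CryptoAPI hashing, CreateMutexW, INI-file reads and MoveFileExW are the entries an analyst would look at before anything else. Below is an added Python example, not code from the report or from the sample, that reimplements the imphash normalisation (lower-case the DLL name, strip .dll/.ocx/.sys, ordinal-only imports as ordN, preserve order, MD5 over the comma-joined list) over a constructed subset of the imports listed above, and tags the imports of interest. The subset, the tags and the reasons given for them are the editor's own; because only a subset is hashed, the printed value will not equal the report's imphash. Real pefile also maps ws2_32 and oleaut32 ordinals to names before hashing; that lookup is omitted here because those DLLs are imported by name in this sample.

```python
import hashlib

# Constructed subset of the import table shown above, in the report's order.
# Ordinal-only imports are given as integers ("ord35" in the report -> 35).
SAMPLE_IMPORTS = [
    ("KERNEL32.dll", ["ExitThread", "CreateMutexW", "FindResourceW",
                      "GetPrivateProfileStringW", "MoveFileExW",
                      "IsDebuggerPresent", "VerSetConditionMask"]),
    ("ADVAPI32.dll", ["CryptHashData", "CryptCreateHash",
                      "CryptAcquireContextA", "RegOpenKeyExW"]),
    ("SHELL32.dll", ["ShellExecuteExW", "Shell_NotifyIconW"]),
    ("urlmon.dll", ["URLDownloadToFileW"]),
    ("WS2_32.dll", ["connect", "send", "recv", "gethostbyname"]),
    ("WLDAP32.dll", [35, 79, 30, 200]),
]

# Imports worth a second look when they appear together in one binary.
# The reasons are the analyst's interpretation, not something the report states.
IMPORTS_OF_INTEREST = {
    "urldownloadtofilew": "fetches a URL to a file on disk (downloader capability)",
    "shellexecuteexw": "launches another program or document",
    "createmutexw": "commonly a single-instance / infection marker",
    "getprivateprofilestringw": "reads INI-style configuration",
    "isdebuggerpresent": "debugger check (also emitted by the plain MSVC CRT)",
    "cryptacquirecontexta": "CryptoAPI hashing or encryption",
    "movefileexw": "can defer a file move/replace until reboot",
    "gethostbyname": "DNS resolution over Winsock",
}


def normalize_dll(dll: str) -> str:
    """Lower-case the DLL name and drop a .dll/.ocx/.sys suffix, as imphash does."""
    name = dll.lower()
    for ext in (".dll", ".ocx", ".sys"):
        if name.endswith(ext):
            return name[: -len(ext)]
    return name


def imphash_string(imports) -> str:
    """Build the 'dll.func,dll.func,...' string that imphash hashes.
    Order matters: the same imports in a different order hash differently."""
    parts = []
    for dll, funcs in imports:
        lib = normalize_dll(dll)
        for f in funcs:
            func = f"ord{f}" if isinstance(f, int) else f.lower()
            parts.append(f"{lib}.{func}")
    return ",".join(parts)


def imphash(imports) -> str:
    """MD5 of the normalised import string (the imphash algorithm)."""
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()


def flag_imports(imports):
    """Return (dll, function, reason) for every import of interest present."""
    hits = []
    for dll, funcs in imports:
        for f in funcs:
            if isinstance(f, str) and f.lower() in IMPORTS_OF_INTEREST:
                hits.append((normalize_dll(dll), f, IMPORTS_OF_INTEREST[f.lower()]))
    return hits


if __name__ == "__main__":
    print("imphash of the constructed subset:", imphash(SAMPLE_IMPORTS))
    for dll, func, why in flag_imports(SAMPLE_IMPORTS):
        print(f"  {dll}!{func}: {why}")
```

On the real file, `pefile.PE(path).get_imphash()` yields the value the report lists; imphash is useful for clustering builds that share a compiler and link order, but it is trivially changed by reordering or adding imports, so treat a match as a lead rather than an identity.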
Sections
.text Size: 723KB - Virtual size: 722KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 167KB - Virtual size: 167KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 17B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 419KB - Virtual size: 418KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 43KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
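Read together, the header flags and the section table say two things about this image: which exploit mitigations it carries (DYNAMIC_BASE and NX_COMPAT are set, GUARD_CF is not, and HIGH_ENTROPY_VA does not apply to x86), and that it does not look packed (raw and virtual sizes agree for .text and .rsrc, .data being larger in memory than on disk is ordinary uninitialised data, .tls at 512B raw for 17B virtual is file-alignment padding, and a .reloc section is present so the DYNAMIC_BASE flag is actually usable by the loader). Below is an added Python example, not code from the report, that encodes those checks: it decodes DllCharacteristics bits using the values from the PE/COFF specification, lists missing mitigations, verifies that ASLR is backed by relocations, and runs packer heuristics over the section sizes copied from the report (the KB-rounded figures shown above, not exact byte counts). The thresholds and the list of expected section names are the editor's choices.

```python
# Bit values from the PE/COFF specification (IMAGE_DLLCHARACTERISTICS_*).
IMAGE_DLLCHARACTERISTICS = {
    "HIGH_ENTROPY_VA": 0x0020,
    "DYNAMIC_BASE": 0x0040,
    "FORCE_INTEGRITY": 0x0080,
    "NX_COMPAT": 0x0100,
    "NO_SEH": 0x0400,
    "GUARD_CF": 0x4000,
    "TERMINAL_SERVER_AWARE": 0x8000,
}

# The three flags the report lists, reconstructed as the bitmask a parser would
# read from the optional header (the report does not show the raw value).
SAMPLE_DLLCHARACTERISTICS = (IMAGE_DLLCHARACTERISTICS["DYNAMIC_BASE"]
                             | IMAGE_DLLCHARACTERISTICS["NX_COMPAT"]
                             | IMAGE_DLLCHARACTERISTICS["TERMINAL_SERVER_AWARE"])

KB = 1024
# Section table copied from the report: (name, raw size, virtual size, flags).
# Sizes are the KB-rounded figures the report shows, not exact byte counts.
SAMPLE_SECTIONS = [
    (".text",  723 * KB, 722 * KB, {"CODE", "EXECUTE", "READ"}),
    (".rdata", 167 * KB, 167 * KB, {"INITIALIZED_DATA", "READ"}),
    (".data",   17 * KB,  27 * KB, {"INITIALIZED_DATA", "READ", "WRITE"}),
    (".tls",        512,       17, {"INITIALIZED_DATA", "READ", "WRITE"}),
    (".rsrc",  419 * KB, 418 * KB, {"INITIALIZED_DATA", "READ"}),
    (".reloc",  43 * KB,  42 * KB, {"INITIALIZED_DATA", "DISCARDABLE", "READ"}),
]

# Section names an MSVC-built image normally carries; anything else deserves a look.
KNOWN_SECTIONS = {".text", ".rdata", ".data", ".tls", ".rsrc", ".reloc",
                  ".pdata", ".idata", ".edata", ".bss", ".CRT", ".gfids", ".didat"}


def decode_dllcharacteristics(value: int) -> list:
    """Names of the flags set in a DllCharacteristics value."""
    return [name for name, bit in IMAGE_DLLCHARACTERISTICS.items() if value & bit]


def missing_mitigations(value: int, is_64bit: bool) -> list:
    """Mitigation flags a modern build should set but this value lacks.
    HIGH_ENTROPY_VA only applies to 64-bit images, so it is not reported for x86."""
    wanted = ["DYNAMIC_BASE", "NX_COMPAT", "GUARD_CF"]
    if is_64bit:
        wanted.insert(0, "HIGH_ENTROPY_VA")
    return [m for m in wanted if not value & IMAGE_DLLCHARACTERISTICS[m]]


def aslr_effective(value: int, sections) -> bool:
    """DYNAMIC_BASE only helps if the loader can rebase the image, which needs
    relocations. DYNAMIC_BASE without a .reloc section means a fixed load address."""
    has_reloc = any(name == ".reloc" for name, *_ in sections)
    return bool(value & IMAGE_DLLCHARACTERISTICS["DYNAMIC_BASE"]) and has_reloc


def section_anomalies(sections, file_alignment: int = 512) -> list:
    """Cheap packer / tampering heuristics over the section table."""
    findings = []
    for name, raw, virt, flags in sections:
        if "EXECUTE" in flags and "WRITE" in flags:
            findings.append(f"{name}: writable and executable (W^X violated)")
        if "EXECUTE" in flags and virt > 4 * KB and raw < virt // 2:
            # Code mostly absent on disk gets written at run time: packer stub pattern.
            findings.append(f"{name}: executable section mostly empty on disk "
                            f"(raw {raw}, virtual {virt})")
        if "WRITE" not in flags and virt > raw + file_alignment:
            # Writable sections legitimately grow in memory (BSS); read-only ones should not.
            findings.append(f"{name}: read-only section larger in memory than on disk")
        if name not in KNOWN_SECTIONS:
            findings.append(f"{name}: non-standard section name")
    return findings


if __name__ == "__main__":
    print("flags set:", decode_dllcharacteristics(SAMPLE_DLLCHARACTERISTICS))
    print("missing (x86):", missing_mitigations(SAMPLE_DLLCHARACTERISTICS, is_64bit=False))
    print("ASLR backed by .reloc:", aslr_effective(SAMPLE_DLLCHARACTERISTICS, SAMPLE_SECTIONS))
    print("section anomalies:", section_anomalies(SAMPLE_SECTIONS) or "none")
```

On a real file the same checks read `OPTIONAL_HEADER.DllCharacteristics`, `SizeOfRawData` and `Misc.VirtualSize` from pefile instead of the rounded report values; the heuristics are deliberately loose, so a clean result here means "not obviously packed", not "not obfuscated".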