Static task: static1
Behavioral task: behavioral1
  Sample: 5bb26b3fc119ce670cf9bf241a29845cbd43b471f916ce189ac33b5c4130b833.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 5bb26b3fc119ce670cf9bf241a29845cbd43b471f916ce189ac33b5c4130b833.exe
  Resource: win10v2004-20220812-en
General
Target: 5bb26b3fc119ce670cf9bf241a29845cbd43b471f916ce189ac33b5c4130b833
Size: 667KB
MD5: 21af55a5f3b848a8422975dc06ce42ce
SHA1: 609d827597be86fb4ca93834c796c268c3205e1c
SHA256: 5bb26b3fc119ce670cf9bf241a29845cbd43b471f916ce189ac33b5c4130b833
SHA512: 0b9be4e8928cc726bc0b7d6d95ce84d2016e7f192fdaecce6ef2faf77b8972452bf987f3bf21d7aa967fffafb080df74e89fde246a204af5e7c3a1d6419beeef
SSDEEP: 6144:6AgQthOZF7urDfzq/nEceO+VaZYpNLPCpN42aoCj6KJo0BK8o0BKIP:62TOZF7urDfm/EcH+VnCpuoKJdh
Malware Config
Signatures
Files
5bb26b3fc119ce670cf9bf241a29845cbd43b471f916ce189ac33b5c4130b833.exe (windows x86)
92025f8efbd39b1efa046efc8dcfe5f2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
shutdown
htons
bind
listen
accept
recv
send
socket
connect
WSAGetLastError
gethostbyname
inet_ntoa
gethostname
WSAStartup
WSACleanup
closesocket
hooksock
SethWnd
InstallHook
RemoveHook
kernel32
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
CreateThread
ExitThread
TerminateProcess
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
HeapAlloc
HeapFree
FreeEnvironmentStringsA
GetTickCount
GetVersionExA
GetVersion
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
lstrlenW
GetCPInfo
LockResource
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
LocalAlloc
VirtualProtect
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
LoadResource
FindResourceA
lstrcmpiA
GetLastError
CreateMutexA
GetStringTypeW
FreeLibrary
GetProcAddress
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
GetModuleFileNameA
GetCurrentThread
GlobalFree
lstrcmpA
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
lstrcpynA
FormatMessageA
LocalFree
GetModuleHandleA
SetLastError
InterlockedDecrement
InterlockedIncrement
MulDiv
GetWindowsDirectoryA
LoadLibraryA
TerminateThread
GlobalAlloc
GlobalLock
GlobalUnlock
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
Sleep
WinExec
DeleteCriticalSection
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
ConnectNamedPipe
ReadFile
DisconnectNamedPipe
GetCurrentDirectoryA
CreateFileA
SizeofResource
WriteFile
CloseHandle
CreateNamedPipeA
InitializeCriticalSection
user32
PostQuitMessage
CharUpperA
GetAsyncKeyState
MapDialogRect
LoadStringA
WaitMessage
GetDCEx
LockWindowUpdate
CharNextA
SetWindowContextHelpId
SetParent
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
MoveWindow
SetWindowTextA
IsDialogMessageA
SetRectEmpty
GetMessageA
TranslateMessage
ValidateRect
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
TrackPopupMenu
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
GetWindowPlacement
IntersectRect
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
DestroyMenu
MessageBoxExA
ReleaseCapture
RedrawWindow
SetCapture
LoadCursorA
CopyIcon
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindow
GetCursorPos
KillTimer
PtInRect
GetIconInfo
CreateIconIndirect
DrawStateA
FrameRect
InflateRect
OffsetRect
DrawFocusRect
ClientToScreen
WindowFromPoint
GetActiveWindow
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
DestroyCursor
InvalidateRect
IsWindowVisible
IsIconic
DrawIcon
FindWindowA
SetWindowPos
SetTimer
GetWindowLongA
SetWindowLongA
GetSystemMenu
SendMessageA
LoadIconA
MessageBoxA
GetClassNameA
PostMessageA
GetWindowRect
GetClientRect
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
IsWindowEnabled
GetDlgItem
ShowWindow
SetWindowRgn
LoadImageA
EnableWindow
GetSubMenu
GrayStringA
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetWindow
gdi32
GetDIBits
RealizePalette
SelectPalette
CreateDCA
GetTextMetricsA
CreateFontA
StretchBlt
CreateDIBitmap
CreateRectRgnIndirect
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
CreateHalftonePalette
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
GetMapMode
SetRectRgn
DPtoLP
StretchDIBits
GetCharWidthA
LPtoDP
GetTextColor
GetBkColor
GetDIBColorTable
CreatePalette
SetBkColor
SetTextColor
CreateBitmap
CreateRectRgn
CombineRgn
GetStockObject
Escape
ExtTextOutA
TextOutA
PatBlt
RectVisible
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetBkMode
GetTextExtentPointA
GetDeviceCaps
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
shell32
ShellExecuteExA
ShellExecuteA
comctl32
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Draw
_TrackMouseEvent
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ord17
PropertySheetA
DestroyPropertySheetPage
ImageList_GetIcon
CreatePropertySheetPageA
oledlg
ord8
ole32
CoCreateInstance
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
olepro32
ord253
ord251
oleaut32
SysAllocStringByteLen
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
SysStringLen
VariantTimeToSystemTime
VariantChangeType
VariantCopy
SysFreeString
VariantClear
SysAllocString
wsock32
WSAAsyncSelect
inet_ntoa
recvfrom
sendto
htonl
ioctlsocket
WSASetLastError
wininet
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetSetStatusCallback
InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
Sections
.text Size: 292KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 10.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ