5b2fefd07c9ddecd7335905322f9352575bbae306612bd75f4e55a46e8bced6f

Sharing

Copy URL Twitter E-mail

General

Target

5b2fefd07c9ddecd7335905322f9352575bbae306612bd75f4e55a46e8bced6f
Size

1.7MB
MD5

78cae4a6c8e1570509a22498364f87cf
SHA1

0bffc3c77828918cc5a5e7d5688654e9c9e8d9d2
SHA256

5b2fefd07c9ddecd7335905322f9352575bbae306612bd75f4e55a46e8bced6f
SHA512

5095b49a93e872c28853550443d53ba52fdff4cd73c5b150997159e9a9109fa37f639e94e6688e2c893bb68414e9b1c97d6f66c46b210517245028334e4162cf
SSDEEP

24576:273Y/M/aGcM3QEGug1+pWtTxwv1fMGVv1fMG4xXXMDOgxar:27VfhGufWtT2v1fMmv1fMLha9ar

Score

N/A

Malware Config

Signatures

Files

5b2fefd07c9ddecd7335905322f9352575bbae306612bd75f4e55a46e8bced6f
.exe windows x86

ba891e191f2aa5fa8da740be7066de0f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundW

kernel32

HeapCreate
ExitProcess
GetSystemTimeAsFileTime
GetStartupInfoW
HeapSetInformation
EncodePointer
DecodePointer
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
RaiseException
FlushInstructionCache
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTickCount
GetTimeZoneInformation
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
InterlockedIncrement
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleW
FlushFileBuffers
CompareStringW
SetEnvironmentVariableA
InterlockedDecrement
lstrlenW
GetFileType
GetLocalTime
FindNextFileW
DeleteFileW
FindClose
CreateFileW
ReadFile
WriteFile
SetFilePointer
FindFirstFileW
CreateProcessW
LocalFree
Sleep
CreateThread
WaitForSingleObject
GetSystemDefaultLCID
GetTempPathW
CreateDirectoryW
CreateMutexW
CloseHandle
GetCommandLineW
LoadLibraryExW
lstrcmpiW
GetModuleHandleW
lstrcpyW
GetCurrentProcessId
LoadLibraryW
FreeLibrary
GetProcAddress
GetUserDefaultUILanguage
lstrcmpW
MultiByteToWideChar
WideCharToMultiByte
GetVersionExW
GlobalAlloc
GlobalLock
GlobalUnlock
SetLastError
GetCurrentThreadId
GetModuleFileNameW
MulDiv
QueryPerformanceCounter

user32

EqualRect
GetDoubleClickTime
GetClassLongW
DestroyCursor
KillTimer
SetTimer
IntersectRect
EnableMenuItem
SetRect
GetDlgCtrlID
GetCapture
SetCursor
ChildWindowFromPoint
LoadAcceleratorsW
GetMessageW
TranslateMessage
DispatchMessageW
GetMenu
SetWindowsHookExW
CallNextHookEx
CloseClipboard
CharLowerW
UnhookWindowsHookEx
GetDCEx
OffsetRect
SetRectEmpty
InflateRect
WindowFromPoint
GetSysColorBrush
FrameRect
DrawStateW
DrawEdge
DrawTextW
GetActiveWindow
GetWindowThreadProcessId
IsWindowEnabled
GetGUIThreadInfo
GetForegroundWindow
TrackPopupMenuEx
PeekMessageW
PtInRect
CheckMenuRadioItem
RemoveMenu
AppendMenuW
LoadStringA
OpenClipboard
GetClipboardData
GetKeyState
GetSubMenu
GetCursorPos
UnregisterClassA
SetMenuDefaultItem
RegisterHotKey
UnregisterHotKey
MessageBeep
SetDlgItemTextW
IsMenu
GetMenuItemInfoW
PostQuitMessage
GetWindowDC
LoadStringW
SetMenuItemInfoW
LoadBitmapW
SystemParametersInfoW
GetMenuStringW
LoadMenuW
TranslateAcceleratorW
ModifyMenuW
GetMenuItemID
CheckMenuItem
SetForegroundWindow
CopyRect
SetParent
UpdateWindow
SetWindowPlacement
GetWindowPlacement
IsIconic
SetMenu
PostMessageW
ShowWindow
DialogBoxParamW
GetMessagePos
TrackPopupMenu
GetSystemMetrics
MonitorFromPoint
DestroyMenu
LoadImageW
DestroyIcon
GetMenuItemCount
DeleteMenu
InsertMenuW
CreatePopupMenu
EnableWindow
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
CreateAcceleratorTableW
CreateWindowExW
RegisterClassExW
LoadCursorW
GetClassInfoExW
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
DestroyWindow
FillRect
ReleaseCapture
GetClassNameW
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ScreenToClient
ClientToScreen
CharNextW
GetSysColor
GetFocus
CallWindowProcW
IsWindowVisible
DefWindowProcW
EndDialog
SendMessageW
GetWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
SetWindowPos
IsWindow
MessageBoxW
GetDlgItem
GetParent
SetFocus
GetClientRect
MoveWindow
SetWindowTextW
GetWindowLongW
SetWindowLongW
GetDC
ReleaseDC
FindWindowW

gdi32

GetClipBox
SetViewportOrgEx
SelectClipRgn
IntersectClipRect
Polyline
DPtoLP
SetWindowOrgEx
GetClipRgn
CreateRectRgn
EnumFontFamiliesW
RestoreDC
SaveDC
AddFontResourceW
PatBlt
RemoveFontResourceW
CreateBitmap
CreatePatternBrush
TextOutW
LineTo
MoveToEx
Polygon
Rectangle
SetTextColor
SetBkMode
SetBkColor
ExtTextOutW
CreatePen
GetCurrentObject
CreateDIBSection
GetTextMetricsW
CreateFontIndirectW
GetStockObject
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
DeleteObject
GetObjectW
GetDIBits
DeleteDC
SetDIBits
CreateCompatibleBitmap
SelectObject
LPtoDP

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseColorW

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegEnumValueW
RegCreateKeyExW

shell32

SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ShellExecuteExW

ole32

DoDragDrop
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2

oleaut32

SysFreeString
SysStringLen
VariantInit
VariantClear
SysAllocString
DispCallFunc
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
SysAllocStringLen

urlmon

CoInternetGetSession

comctl32

DestroyPropertySheetPage
ImageList_DrawIndirect
ImageList_GetImageCount
ImageList_Destroy
ImageList_LoadImageW
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create
ImageList_SetBkColor
PropertySheetW
ImageList_AddMasked
CreatePropertySheetPageW
ImageList_GetIcon
ImageList_Draw
ImageList_GetIconSize
ImageList_GetImageInfo
_TrackMouseEvent
ord8
ImageList_DrawEx

msimg32

GradientFill

Sections

.text
Size: 614KB - Virtual size: 614KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 798KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

knwxtlu
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 228KB - Virtual size: 228KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ba891e191f2aa5fa8da740be7066de0f

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

urlmon

comctl32

msimg32

Sections

.text Size: 614KB - Virtual size: 614KB

.rdata Size: 139KB - Virtual size: 139KB

.data Size: 129KB - Virtual size: 138KB

.rsrc Size: 798KB - Virtual size: 798KB

.reloc Size: 42KB - Virtual size: 41KB

knwxtlu Size: 4KB - Virtual size: 4KB

Size: 228KB - Virtual size: 228KB

.text
Size: 614KB - Virtual size: 614KB

.rdata
Size: 139KB - Virtual size: 139KB

.data
Size: 129KB - Virtual size: 138KB

.rsrc
Size: 798KB - Virtual size: 798KB

.reloc
Size: 42KB - Virtual size: 41KB

knwxtlu
Size: 4KB - Virtual size: 4KB