06f2ee6688f93f0b95e28226692d0ae838a6463f3bb3bd4e4233ada1ad4f5f2f

Sharing

Copy URL Twitter E-mail

General

Target

06f2ee6688f93f0b95e28226692d0ae838a6463f3bb3bd4e4233ada1ad4f5f2f
Size

940KB
MD5

7300dcd48567bd617c3fa0beb1c69a9b
SHA1

f2c91086db15a2d4366891ea46e401cc381d69c1
SHA256

06f2ee6688f93f0b95e28226692d0ae838a6463f3bb3bd4e4233ada1ad4f5f2f
SHA512

b4ec0d1eb9c51e41d82468dd3009d722082c453c3d68b3021c45eff7566fd833465ecf679a03e5ff821a756ccf4563f4e70ff8a8dc42392c712189e3fdef5c58
SSDEEP

24576:TLBebl6iZh7l1GG+VxXK0YEtAyfC5YuersVt:TFql6iZh7l1OjhfC4sVt

Score

N/A

Malware Config

Signatures

Files

06f2ee6688f93f0b95e28226692d0ae838a6463f3bb3bd4e4233ada1ad4f5f2f
.exe windows x86

30b7cb9f58ede8e4eace91fe612af9d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libcurl

curl_easy_init
curl_easy_setopt
curl_easy_perform
curl_easy_cleanup
curl_global_init
curl_easy_getinfo
curl_slist_append
curl_global_cleanup

kernel32

LocalFileTimeToFileTime
GetTickCount
FileTimeToSystemTime
FindFirstFileW
VirtualQuery
OutputDebugStringW
LockResource
FindNextFileW
lstrcpyW
FindResourceExW
MulDiv
Sleep
CreateThread
ExitProcess
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
WaitForSingleObject
SetEvent
ResetEvent
CreateEventW
GetPrivateProfileStringA
WritePrivateProfileStringA
GetTempPathA
DeleteFileA
GetFullPathNameW
GetComputerNameA
FindFirstFileExW
FindClose
LocalAlloc
GetModuleFileNameA
LocalFree
LoadLibraryW
CreateMutexA
ReleaseMutex
DuplicateHandle
VirtualProtect
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
SwitchToThread
GetCurrentDirectoryW
DeleteTimerQueueTimer
CreateTimerQueueTimer
CreateFileW
ReadFile
GetFileAttributesW
WideCharToMultiByte
WriteFile
SetFileTime
CreateDirectoryW
SystemTimeToFileTime
SetFilePointer
LoadLibraryA
GetCurrentThreadId
DeleteCriticalSection
CreateHardLinkW
RemoveDirectoryW
GetShortPathNameW
GetLongPathNameW
MoveFileW
DeviceIoControl
SetFileAttributesW
DeleteFileW
GetProcessAffinityMask
ReleaseSemaphore
InitializeCriticalSection
GetVersionExW
SetThreadExecutionState
GetSystemDirectoryW
SetThreadPriority
FoldStringW
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemTime
FileTimeToLocalFileTime
IsDBCSLeadByte
HeapDestroy
VirtualFree
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
InterlockedCompareExchange
SetEndOfFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
LCMapStringW
CompareStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
lstrcmpiW
EnterCriticalSection
GetProcAddress
SetLastError
GetLastError
RaiseException
FlushInstructionCache
InitializeCriticalSectionEx
MultiByteToWideChar
GetModuleFileNameW
LeaveCriticalSection
SizeofResource
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
LoadResource
FreeLibrary
FindResourceW
UnmapViewOfFile
CloseHandle
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
ChangeTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
CreateTimerQueue
GetThreadPriority
UnregisterWait
SetThreadAffinityMask
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
HeapFree
SetFilePointerEx
GetConsoleCP
GetFileType
GetStringTypeW
GetCurrentThread
GetCPInfo
HeapAlloc
GetModuleHandleExW
AreFileApisANSI
GetSystemTimeAsFileTime
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
ReadConsoleW
GetConsoleMode
RtlUnwind
GetStdHandle
HeapSize
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCommandLineW
HeapReAlloc
SignalObjectAndWait

user32

CharNextW
GetMessageW
CharToOemBuffA
wsprintfW
MoveWindow
EnableWindow
MapWindowPoints
CharToOemBuffW
LoadCursorW
CharUpperW
OemToCharBuffA
OemToCharA
CharToOemA
UnregisterClassW
SetWindowTextA
GetSystemMetrics
IsWindow
FrameRect
SetWindowPos
GetSysColor
DestroyCursor
ReleaseDC
SystemParametersInfoW
GetWindowTextW
GetClassInfoExW
TranslateMessage
RegisterClassExW
CharLowerW
GetWindowRect
DispatchMessageW
DefWindowProcW
CallWindowProcW
SendMessageW
CreateWindowExW
ShowWindow
SetWindowLongW
GetDlgItem
PeekMessageW
IsZoomed
FindWindowExA
MessageBoxA
GetActiveWindow
MessageBoxW
LoadIconW
GetCursorPos
EndPaint
ClientToScreen
SetCursor
GetWindowTextLengthW
ScreenToClient
InvalidateRect
GetWindowDC
RegisterWindowMessageW
IsIconic
FillRect
PostMessageW
DrawTextW
SetForegroundWindow
GetParent
TrackMouseEvent
GetClientRect
BeginPaint
PtInRect
GetDC
InflateRect
OffsetRect
GetWindowLongW

gdi32

DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
ExtTextOutW
SaveDC
OffsetWindowOrgEx
CreateFontW
SetBkMode
RestoreDC
CreateSolidBrush
DeleteDC
SetTextColor
SetViewportOrgEx
GetTextExtentPoint32W
BitBlt
SetWindowOrgEx
SetStretchBltMode
SetBkColor
GetDeviceCaps

advapi32

SetFileSecurityW
OpenProcessToken
AdjustTokenPrivileges
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
LookupPrivilegeValueW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid

shell32

SHGetPathFromIDListA
ShellExecuteA
SHBrowseForFolderA
Shell_NotifyIconW

ole32

CoCreateGuid
CoUninitialize
CreateStreamOnHGlobal
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance

oleaut32

VarUI4FromStr

shlwapi

PathFileExistsW
PathIsDirectoryW
PathRemoveFileSpecA
PathFileExistsA

gdiplus

GdipDeleteFont
GdipDeleteGraphics
GdipSetStringFormatAlign
GdipSetSmoothingMode
GdipDeleteFontFamily
GdipCreateSolidFill
GdipAlloc
GdipCreateFont
GdipDrawString
GdipDrawImagePointsI
GdipCreateFromHDC
GdipSetInterpolationMode
GdipCreateStringFormat
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipLoadImageFromStream
GdipDisposeImage
GdipCloneImage
GdipSetStringFormatLineAlign
GdipCloneBrush
GdipFree
GdipDeleteBrush
GdipSetStringFormatFlags
GdiplusShutdown
GdipCreateFontFamilyFromName
GdiplusStartup

comctl32

_TrackMouseEvent
InitCommonControlsEx

iphlpapi

GetAdaptersInfo
SendARP

ws2_32

WSAStartup
gethostbyname
inet_addr
inet_ntoa
gethostname

Sections

.text
Size: 458KB - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sign
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 306KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30b7cb9f58ede8e4eace91fe612af9d0

Headers

DLL Characteristics

File Characteristics

Imports

libcurl

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

comctl32

iphlpapi

ws2_32

Sections

.text Size: 458KB - Virtual size: 457KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 18KB - Virtual size: 1.1MB

.sign Size: 512B - Virtual size: 64B

.rsrc Size: 306KB - Virtual size: 306KB

.reloc Size: 64KB - Virtual size: 63KB

.text
Size: 458KB - Virtual size: 457KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 18KB - Virtual size: 1.1MB

.sign
Size: 512B - Virtual size: 64B

.rsrc
Size: 306KB - Virtual size: 306KB

.reloc
Size: 64KB - Virtual size: 63KB