Static task: static1
Behavioral task: behavioral1
- Sample: a678a73e0681c6961c11e519275769f49d40f8a31da804d168ad952666c87694.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: a678a73e0681c6961c11e519275769f49d40f8a31da804d168ad952666c87694.exe
- Resource: win10v2004-20220812-en
General
- Target: a678a73e0681c6961c11e519275769f49d40f8a31da804d168ad952666c87694
- Size: 1.4MB
- MD5: e6983890c877a4bc3db2f606427c4822
- SHA1: 3407c807a2b4ab93cbc9039aada4b14a1f4effd0
- SHA256: a678a73e0681c6961c11e519275769f49d40f8a31da804d168ad952666c87694
- SHA512: 87625bd55fe7015977313cb904d43a5b3626a1b0cefd5b5ca16fb580fe88b84a7a84bd52e2b5d59ea0990e3a6eb74368c3f279c95b75eb274cf726ce20a46e0e
- SSDEEP: 24576:WuYofFPgQIwDM2tJ/pu55IGhyczRZKvsfOB+gzUl5MkPgsO:FBVTZcN0RzXcq
Malware Config
Signatures
Files
- a678a73e0681c6961c11e519275769f49d40f8a31da804d168ad952666c87694.exe (windows x86): af9f738e73630e2883d36908e53c16ed
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmDisableIME
kernel32
FileTimeToLocalFileTime
GetUserDefaultLangID
RaiseException
GetWindowsDirectoryW
OutputDebugStringW
InterlockedExchange
FlushInstructionCache
GetPrivateProfileIntW
InterlockedDecrement
FreeResource
InterlockedIncrement
GetStdHandle
WaitForMultipleObjects
VirtualFree
VirtualAlloc
SetEvent
ReleaseSemaphore
ResetEvent
CreateSemaphoreW
CreateEventW
lstrcpyW
lstrcatW
SetFileAttributesW
CreateFileA
lstrcmpiW
LoadLibraryExW
GlobalUnlock
VerSetConditionMask
VerifyVersionInfoW
GlobalLock
GlobalAlloc
TerminateThread
GetCommandLineW
MapViewOfFileEx
GetDriveTypeW
GetDiskFreeSpaceExW
GlobalFree
GetExitCodeThread
CreateThread
ResumeThread
CreateProcessW
GetExitCodeProcess
lstrcmpW
GetComputerNameA
LockResource
LoadResource
CreateDirectoryW
FindFirstFileA
CloseHandle
GetLastError
SizeofResource
lstrlenW
ReadFile
SetEndOfFile
DeviceIoControl
GlobalMemoryStatusEx
FormatMessageA
ExpandEnvironmentStringsA
SleepEx
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetFullPathNameA
GetDriveTypeA
GetCurrentDirectoryA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoW
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoA
SetHandleCount
IsValidCodePage
GetOEMCP
GetCPInfo
GetModuleFileNameA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapCreate
GetStartupInfoW
VirtualQuery
VirtualProtect
ExitThread
ExitProcess
GetModuleHandleA
GetFileType
SetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
LoadLibraryA
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetFileSize
WideCharToMultiByte
lstrlenA
GetFileAttributesW
FindResourceExW
WriteFile
FindResourceW
LocalFileTimeToFileTime
GetLocalTime
ReleaseMutex
SetFilePointer
CreateMutexW
GetCurrentThreadId
GetFileSizeEx
WaitForSingleObject
GetCurrentProcessId
SystemTimeToFileTime
GetSystemTimeAsFileTime
FileTimeToSystemTime
SetFileTime
FlushFileBuffers
CreateFileMappingW
GetTempFileNameW
GetTickCount
GetVolumeInformationW
CopyFileW
MoveFileW
SetLastError
GetFileAttributesExW
SetCurrentDirectoryW
UnmapViewOfFile
MapViewOfFile
GetCurrentDirectoryW
InterlockedCompareExchange
GetSystemInfo
Sleep
LocalFree
LocalAlloc
GetTempPathW
GetVersionExW
GetSystemDirectoryW
GetProcAddress
LoadLibraryW
GetModuleHandleW
QueryDosDeviceW
GetPrivateProfileStringW
GetLogicalDriveStringsW
TerminateProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
DeleteCriticalSection
ExpandEnvironmentStringsW
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
InitializeCriticalSection
FreeLibrary
OpenProcess
RemoveDirectoryW
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
GetModuleFileNameW
MoveFileExW
MultiByteToWideChar
CreateFileW
user32
GetDesktopWindow
LoadStringW
CreateWindowExW
InflateRect
GetWindowTextW
EndPaint
GetClientRect
EnumDisplayDevicesA
EnumDisplaySettingsW
EnumDisplayDevicesW
GetSystemMetrics
UnregisterClassA
GetCursorPos
SetWindowPos
FindWindowW
SetCursor
SetActiveWindow
ScreenToClient
ShowWindow
GetDlgCtrlID
BeginPaint
GetActiveWindow
GetWindowRect
DestroyIcon
IntersectRect
EnableWindow
SystemParametersInfoW
ClientToScreen
EqualRect
IsWindowVisible
DispatchMessageW
PostMessageW
TranslateMessage
SetRectEmpty
IsRectEmpty
IsDialogMessageW
AttachThreadInput
GetMonitorInfoW
SendMessageW
SetForegroundWindow
MonitorFromWindow
DestroyWindow
GetParent
GetForegroundWindow
IsWindowEnabled
IsChild
GetWindowThreadProcessId
MapWindowPoints
ReleaseCapture
SetWindowLongW
GetFocus
GetWindow
SetTimer
GetWindowLongW
GetMessageW
SetCapture
IsWindow
DefWindowProcW
PeekMessageW
MoveWindow
SetFocus
UpdateLayeredWindow
InvalidateRect
GetDlgItem
LoadIconW
RegisterWindowMessageW
OffsetRect
CallWindowProcW
DrawIconEx
CopyRect
PostThreadMessageW
ReleaseDC
PtInRect
GetDC
GetNextDlgTabItem
SetRect
RegisterClassExW
KillTimer
CharUpperW
CharLowerW
CharNextW
LoadBitmapW
GetWindowTextLengthW
LoadImageW
SetWindowTextW
GetKeyState
DrawTextW
GetClassInfoExW
LoadCursorW
gdi32
GetClipRgn
TextOutW
GetTextMetricsW
CreateCompatibleBitmap
CreateBitmap
SetStretchBltMode
StretchBlt
CreateDIBSection
CreateRectRgn
CreateCompatibleDC
CreateRectRgnIndirect
GetTextExtentPoint32W
CombineRgn
SetBkMode
SaveDC
SelectClipRgn
ExtTextOutW
GetViewportOrgEx
SetBkColor
MoveToEx
GetTextColor
ExtSelectClipRgn
LineTo
Rectangle
OffsetRgn
RestoreDC
CreateFontIndirectW
SetTextColor
GetDeviceCaps
SelectObject
RectInRegion
DeleteDC
DeleteObject
CreateRoundRectRgn
CreatePen
GetObjectW
GetStockObject
BitBlt
SetViewportOrgEx
RoundRect
GetCurrentObject
advapi32
OpenProcessToken
LookupPrivilegeValueW
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
CreateProcessAsUserW
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
DeleteAce
GetAce
GetNamedSecurityInfoW
ControlService
RegEnumValueW
StartServiceW
QueryServiceStatus
DeleteService
ChangeServiceConfig2W
ChangeServiceConfigW
OpenServiceW
CloseServiceHandle
CreateServiceW
OpenSCManagerW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
DuplicateTokenEx
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
SetTokenInformation
RegSetValueExW
RegOpenKeyW
shell32
SHGetMalloc
SHGetPathFromIDListW
SHFileOperationW
ShellExecuteW
SHGetSpecialFolderPathW
ord680
SHGetFolderPathW
SHBrowseForFolderW
SHGetSpecialFolderLocation
ole32
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
CoTaskMemFree
CoInitializeSecurity
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal
CoCreateGuid
oleaut32
VariantInit
SafeArrayUnlock
SafeArrayLock
VarUI4FromStr
SysStringLen
VariantCopy
VariantClear
SysAllocString
SysFreeString
shlwapi
PathRemoveExtensionW
StrToIntW
StrToIntA
PathAddBackslashW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathAppendW
comctl32
InitCommonControlsEx
_TrackMouseEvent
msimg32
AlphaBlend
gdiplus
GdipCloneBitmapArea
GdipImageRotateFlip
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipDrawImagePointsRectI
GdipGetImagePixelFormat
GdipLoadImageFromStream
GdipCloneFontFamily
GdipSetImageAttributesColorMatrix
GdipDeleteGraphics
GdipDeleteFont
GdipSetTextRenderingHint
GdipCreatePen1
GdipFree
GdipCreateBitmapFromScan0
GdipDeleteFontFamily
GdipDrawString
GdipGetImageGraphicsContext
GdipTranslateWorldTransform
GdipDrawPath
GdipSetInterpolationMode
GdipDeletePen
GdipRotateWorldTransform
GdipSetPixelOffsetMode
GdipCreateFont
GdipResetWorldTransform
GdipGetFamily
GdipCreateStringFormat
GdipDrawLinesI
GdipFillRectangleI
GdipAddPathArcI
GdipDeleteStringFormat
GdipCreateFontFromLogfontW
GdipCreatePath
GdipSetPenDashStyle
GdipSetPenEndCap
GdipCreateLineBrushFromRectWithAngleI
GdipDeletePath
GdipFillPath
GdipSetPenStartCap
GdipSetStringFormatAlign
GdipDrawImageRectRectI
GdipCloneBrush
GdipGetFontSize
GdipSetStringFormatLineAlign
GdipDrawImageRectRect
GdipSetPenMode
GdipDeleteBrush
GdipGraphicsClear
GdipMeasureString
GdipSetStringFormatFlags
GdipGetImageHeight
GdiplusShutdown
GdipAddPathPieI
GdipDrawImageRectI
GdipDrawLine
GdipSetStringFormatTrimming
GdipGetImageWidth
GdipClosePathFigure
GdipDrawImageI
GdipNewPrivateFontCollection
GdipDrawRectangleI
GdipDisposeImage
GdipDeletePrivateFontCollection
GdipFillRectangle
GdipCloneImage
GdiplusStartup
GdipAddPathRectangleI
GdipPrivateAddFontFile
GdipCreateImageAttributes
GdipSetCompositingQuality
GdipLoadImageFromFile
GdipGetFontCollectionFamilyCount
GdipDisposeImageAttributes
GdipAlloc
GdipCreateSolidFill
GdipSetSmoothingMode
GdipSetClipPath
GdipCreateFromHDC
GdipGetFontCollectionFamilyList
GdipAddPathStringI
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
wtsapi32
WTSEnumerateSessionsW
WTSFreeMemory
psapi
GetModuleFileNameExW
GetProcessImageFileNameW
iphlpapi
GetAdaptersInfo
Sections
- .text Size: 1.1MB - Virtual size: 1.1MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata Size: 188KB - Virtual size: 187KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 24KB - Virtual size: 43KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 104KB - Virtual size: 100KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ