Static task: static1
Behavioral task: behavioral1
Sample: 4633a0b05cfb6640ceeb2550666b93713baf633970944764a0d1c013983e6fd0.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 4633a0b05cfb6640ceeb2550666b93713baf633970944764a0d1c013983e6fd0.exe
Resource: win10v2004-20220812-en
General
Target: 4633a0b05cfb6640ceeb2550666b93713baf633970944764a0d1c013983e6fd0
Size: 730KB
MD5: fcec5f857197078cf4cd2d773fc5fcfd
SHA1: 4ca1031ce6974b7d10f9e0b14fcceb9ef6da28c0
SHA256: 4633a0b05cfb6640ceeb2550666b93713baf633970944764a0d1c013983e6fd0
SHA512: ffc18f00353a9ceeebb97dd8a6911cf4200c74bf0bf4cfa1f4370ce76250508cdf19d06ecbca1b070439981b1fcf7a9bd02ade350905f0fc366a9f321c3998cc
SSDEEP: 12288:X3lGUQuLwm9u91VQg2opqfm2+CIIw8mWWL/ocpw6wil5/YS2BQ:X1FQ2mC7hfm2nIh8LcGil5/YSEQ
Malware Config
Signatures
Files
4633a0b05cfb6640ceeb2550666b93713baf633970944764a0d1c013983e6fd0.exe windows x86
0daf38bf1f46ac41c9d272b5759ebd2a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
SuspendThread
CreateEventA
lstrcmpA
InterlockedExchange
LoadLibraryExA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
GetPrivateProfileStringA
FindNextFileA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
GlobalFlags
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
EncodePointer
DecodePointer
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
FindClose
GetFullPathNameA
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
ExitProcess
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
LCMapStringW
HeapCreate
GetStringTypeW
CompareStringW
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetDriveTypeW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
DuplicateHandle
SetEndOfFile
UnlockFile
VirtualAlloc
FindFirstFileA
LockFile
FlushFileBuffers
GetThreadLocale
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedIncrement
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GlobalAlloc
FormatMessageA
LocalFree
MulDiv
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
InitializeCriticalSectionAndSpinCount
lstrcmpW
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
FreeResource
lstrlenA
SetFileTime
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
SetFilePointer
ReadFile
GetFileSize
VirtualQueryEx
GetSystemInfo
SetUnhandledExceptionFilter
Sleep
GetModuleHandleA
CreateRemoteThread
GetModuleHandleW
VirtualFreeEx
VirtualAllocEx
Module32Next
Module32First
GetCurrentProcess
VirtualProtect
GetVolumeInformationA
SetWaitableTimer
CreateWaitableTimerA
QueryDosDeviceA
GetLogicalDriveStringsA
GetCurrentThreadId
GetModuleFileNameW
TerminateProcess
CopyFileA
CreateDirectoryA
WriteProcessMemory
GetPrivateProfileStringW
CreateMutexA
GetModuleFileNameA
UnmapViewOfFile
IsBadWritePtr
GetCurrentProcessId
LeaveCriticalSection
CreateProcessA
Process32Next
Process32First
CreateToolhelp32Snapshot
EnterCriticalSection
DeleteFileA
WritePrivateProfileStringA
ReadProcessMemory
OpenProcess
CloseHandle
WriteFile
CreateFileA
IsBadReadPtr
DeleteCriticalSection
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
InitializeCriticalSection
GetPrivateProfileIntW
GetLocalTime
GetTickCount
LoadLibraryA
FreeLibrary
lstrcpyA
GetProcAddress
GetVersionExA
LoadLibraryW
GetSystemDirectoryW
GetACP
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
MultiByteToWideChar
WritePrivateProfileStringW
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
WideCharToMultiByte
user32
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
SetCapture
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
TrackPopupMenu
GetKeyState
SetMenu
RedrawWindow
ValidateRect
UpdateWindow
GetClassInfoExA
RegisterClassA
ScreenToClient
EqualRect
GetDlgCtrlID
CallWindowProcA
SetWindowPos
PtInRect
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetWindowContextHelpId
GetWindowLongA
SetWindowLongA
GetMenu
CreateWindowExA
GetMenuItemCount
wsprintfA
LoadBitmapW
GetDC
MessageBoxA
keybd_event
EnableScrollBar
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
ShowWindow
AttachThreadInput
GetForegroundWindow
EnumWindows
FindWindowA
GetMenuState
SetForegroundWindow
LoadIconA
DrawIcon
IsIconic
GetDesktopWindow
IsWindowVisible
RegisterHotKey
CheckMenuItem
LoadIconW
RegisterWindowMessageA
IsHungAppWindow
GetCursorPos
GetSubMenu
LoadMenuW
IsWindow
PostMessageA
GetWindowThreadProcessId
GetWindowTextA
SetTimer
EnableWindow
SendMessageA
GetClassInfoA
DefWindowProcA
KillTimer
GetWindowRect
LoadCursorA
MapWindowPoints
GetParent
GetSysColorBrush
GetSysColor
SystemParametersInfoA
EnumDisplayMonitors
SetRectEmpty
CopyRect
GetMonitorInfoA
GetSystemMetrics
GetClientRect
GetClassNameA
SetRect
UnregisterClassA
RealChildWindowFromPoint
ReleaseCapture
IntersectRect
GetMenuItemID
SetCursor
GetWindow
MapDialogRect
OffsetRect
PostQuitMessage
CharNextA
DestroyMenu
GetMessageA
TranslateMessage
CharUpperA
InvalidateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ReleaseDC
GetCapture
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
GetDlgItemTextA
GetDlgItemInt
SendDlgItemMessageA
WinHelpA
AdjustWindowRectEx
IsChild
gdi32
SaveDC
RestoreDC
SetMapMode
GetClipBox
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetBkColor
GetTextColor
GetMapMode
GetRgnBox
CreateBitmap
SetBkColor
SetTextColor
StretchBlt
CreateRectRgnIndirect
CreateDIBitmap
GetTextMetricsA
CreatePatternBrush
CreatePen
CreateSolidBrush
GetObjectA
GetStockObject
CreateFontIndirectA
EnumFontFamiliesA
GetTextCharsetInfo
Escape
CreateCompatibleDC
GetDeviceCaps
DeleteObject
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
shell32
ShellExecuteW
ShellExecuteA
Shell_NotifyIconA
shlwapi
PathFileExistsA
PathFileExistsW
UrlUnescapeA
PathRemoveFileSpecW
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
ole32
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoInitializeEx
CoFreeUnusedLibraries
CLSIDFromProgID
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoInitialize
OleInitialize
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
OleUninitialize
CoCreateInstance
oleaut32
OleCreateFontIndirect
SysAllocStringByteLen
VariantInit
VariantChangeType
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
oledlg
ord8
psapi
GetProcessImageFileNameA
GetModuleFileNameExW
wininet
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetQueryDataAvailable
InternetSetOptionExA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
iphlpapi
GetAdaptersInfo
dbghelp
MiniDumpWriteDump
ws2_32
sendto
inet_addr
WSACleanup
WSAStartup
recv
recvfrom
connect
htons
gethostbyname
setsockopt
socket
closesocket
shutdown
send
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 435KB - Virtual size: 435KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 111KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ