Sample: 9d98ab3bee15be3165e8525b9f4024b6bb4e3cc74699cbf5f587f74e9705123f.exe
Resource: win7-20220812-en
General
Target: 9d98ab3bee15be3165e8525b9f4024b6bb4e3cc74699cbf5f587f74e9705123f
Size: 408KB
MD5: 71ef758ef4c4bafd71fdce6f1388b5d0
SHA1: 4b487dd4087b201dc9becf18f486c6064d596dcc
SHA256: 9d98ab3bee15be3165e8525b9f4024b6bb4e3cc74699cbf5f587f74e9705123f
SHA512: 20776a29c78189ac635c712ceaa10e47d882b0747a51bc6ad2ef8264ae6200f5efef97b1059b0c3a1a15cd77df3da0dc5e4cea384d60106e6cae4ea1670e8710
SSDEEP: 6144:U9YSn6nQAvhSNLlzGysRwpsDz3HZXiqiEW5RvfqQ17NWidPHb2q1ExNnM:UIQAvA7z/sRysDz3ZX819SYEPM
Files
9d98ab3bee15be3165e8525b9f4024b6bb4e3cc74699cbf5f587f74e9705123f.exe windows x86
ee2ef2eb84d87c0052d534559339fdfd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
setsockopt
closesocket
select
connect
htons
WSAGetLastError
socket
send
recv
inet_addr
gethostname
ioctlsocket
WSAStartup
inet_ntoa
WSACleanup
gethostbyname
shlwapi
PathFileExistsA
kernel32
FindFirstFileW
FileTimeToSystemTime
MultiByteToWideChar
FreeLibrary
LoadLibraryA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
InterlockedIncrement
InterlockedDecrement
LocalFree
FormatMessageA
LoadResource
FindResourceA
LockResource
GetModuleHandleA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
MulDiv
lstrcpynA
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
SizeofResource
GetThreadLocale
GetCPInfo
GetOEMCP
SetErrorMode
DuplicateHandle
GetCurrentProcess
FlushFileBuffers
LockFile
UnlockFile
GetVolumeInformationA
FileTimeToLocalFileTime
GetFileTime
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapFree
HeapReAlloc
HeapSize
GetACP
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
CreateProcessA
lstrcpyA
GetModuleFileNameA
CloseHandle
ReleaseMutex
GetLastError
CreateMutexA
GetPrivateProfileIntA
GetFullPathNameA
lstrlenA
DeleteFileW
CreateDirectoryW
SetFileAttributesW
GetPrivateProfileStringA
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
MoveFileA
DeleteFileA
SetFileAttributesA
SetLastError
SetEndOfFile
SetFileTime
SetFilePointer
lstrcatA
AreFileApisANSI
CreateFileW
WriteFile
GetStdHandle
GetVersionExA
GetProcAddress
WideCharToMultiByte
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateDirectoryA
WritePrivateProfileStringA
SetThreadPriority
OutputDebugStringA
GetTickCount
GetFileAttributesA
FindFirstFileA
FindClose
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
ReadFile
CreateThread
ResumeThread
WaitForSingleObject
Sleep
MoveFileExA
CopyFileA
user32
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadStringA
DestroyMenu
InflateRect
GetDesktopWindow
GetClassNameA
GetSysColorBrush
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
ReleaseDC
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
CharNextA
EnableWindow
GetCursorPos
PtInRect
LoadCursorA
SetCursor
GetDC
KillTimer
SetTimer
PostQuitMessage
GetWindowRect
InvalidateRect
PostMessageA
IsIconic
GetSystemMetrics
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
LoadImageA
IsWindowVisible
MessageBoxA
LoadIconA
GetParent
SendMessageA
GetDlgCtrlID
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
EnableMenuItem
gdi32
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
PatBlt
DPtoLP
GetTextColor
GetBkColor
LPtoDP
DeleteDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetObjectA
GetStockObject
CreateFontA
GetTextExtentPointA
CreateDIBitmap
DeleteObject
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
shell32
ShellExecuteA
SHFileOperationA
comctl32
ord17
oledlg
ord8
ole32
CoGetClassObject
CoTaskMemAlloc
CLSIDFromProgID
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromString
olepro32
ord253
ord251
oleaut32
SysAllocStringByteLen
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
SysFreeString
VariantCopy
VariantClear
SysAllocString
Sections
.text Size: 256KB - Virtual size: 252KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 48KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 20KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE