916e85edf07486c49d077c3dcb9e3539cddbc1f4c28d1e827ea569950ab16835

Sharing

Copy URL

Twitter E-mail

General

Target

916e85edf07486c49d077c3dcb9e3539cddbc1f4c28d1e827ea569950ab16835
Size

886KB
MD5

58c868e1d04d186b2370a8d15ec8c003
SHA1

fd696e709cedd98681e39ac076120e8da91b74db
SHA256

916e85edf07486c49d077c3dcb9e3539cddbc1f4c28d1e827ea569950ab16835
SHA512

3763d3b29922a829786c84cfcb01f5d5676a30d3d9bafd11b6075915536418712eb51e374f5084bc0a64ea41e6c8a7ab2b68f712cdb28dbd3f4f5830f84e3344
SSDEEP

24576:elqUjzT2YjAUlEjwSgDZ7QQDCK98JYjNz7M:8Waxl4gDZf2K98KNfM

Score

N/A

Malware Config

Signatures

Files

916e85edf07486c49d077c3dcb9e3539cddbc1f4c28d1e827ea569950ab16835
.exe windows x86

a5c5a01b59853c2d1b11c7dd0c06af67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
UnmapViewOfFile
GetFileSize
LocalFileTimeToFileTime
GetCurrentDirectoryA
ReadFile
SetFileTime
SystemTimeToFileTime
SetFilePointer
ResetEvent
SetEvent
ResumeThread
CreateEventA
WaitForMultipleObjects
GetCurrentThreadId
GetCurrentThread
GetVolumeInformationA
FreeLibrary
LoadLibraryA
WaitForSingleObject
GlobalFree
GetSystemDirectoryA
GetCurrentProcessId
GlobalUnlock
DecodePointer
GlobalAlloc
TerminateProcess
GetSystemInfo
GetVersionExA
GetCurrentProcess
GetModuleHandleW
GetProcAddress
GetPrivateProfileStringA
WritePrivateProfileStringA
WriteFile
FindResourceA
CreateDirectoryA
OpenFile
FindClose
FindNextFileA
GetFileAttributesA
FindFirstFileA
GetModuleFileNameA
GetModuleHandleA
FileTimeToSystemTime
CloseHandle
GetFileTime
CreateFileA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalLock
DeleteFileA
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
GetACP
MultiByteToWideChar
WideCharToMultiByte
Sleep
SetEnvironmentVariableA
WriteConsoleW
OutputDebugStringW
CreateFileW
GetCurrentDirectoryW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
GetStdHandle
GetTimeZoneInformation
GetDriveTypeW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MoveFileExW
DeleteFileW
IsValidCodePage
HeapQueryInformation
OutputDebugStringA
SetLastError
GetModuleFileNameW
LoadLibraryW
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
LocalFree
FormatMessageA
FileTimeToLocalFileTime
LoadLibraryExW
LocalAlloc
GlobalDeleteAtom
lstrcmpA
CompareStringA
EncodePointer
GetSystemDirectoryW
lstrcmpW
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
GetFileAttributesExA
GetFileSizeEx
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GetPrivateProfileIntA
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
GetOEMCP
GetCPInfo
AreFileApisANSI
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
CreateThread
ExitThread
GetCommandLineA
RtlUnwind
SetStdHandle
GetFileType
ExitProcess
GetModuleHandleExW

user32

DestroyWindow
SetWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
GetFocus
GetKeyState
GetCapture
EnableWindow
GetMenu
SetMenu
UpdateWindow
GetForegroundWindow
SetForegroundWindow
ValidateRect
RedrawWindow
SetPropA
GetPropA
RemovePropA
GetClientRect
GetWindowRect
AdjustWindowRectEx
MessageBoxA
ScreenToClient
MapWindowPoints
GetSysColor
CopyRect
PtInRect
SetWindowLongA
GetClassLongA
GetTopWindow
GetLastActivePopup
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
LoadIconA
LoadIconW
WinHelpA
MonitorFromWindow
GetMonitorInfoA
ShowWindow
IsWindowEnabled
SetWindowTextA
GetDC
LoadCursorA
GetActiveWindow
GetCursorPos
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
SetCursor
ClientToScreen
RealChildWindowFromPoint
SetTimer
KillTimer
InvalidateRect
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetMenuItemID
DestroyMenu
GetParent
PeekMessageA
RegisterWindowMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ReleaseDC
GetSystemMetrics
GetWindow
GetWindowTextA
GetWindowThreadProcessId
GetClassNameA
SendMessageA
GetWindowLongA
PostMessageA
wsprintfA
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessagePos
GetMessageTime
GetSubMenu
CharUpperA
PostQuitMessage
GetSysColorBrush
GetMenuItemCount

gdi32

GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode
GetClipBox
Escape
DeleteDC
DeleteObject
CreateBitmap
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetTextColor
SetBkColor
GetDeviceCaps

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA

shell32

ShellExecuteExA

ole32

CoTaskMemFree
CoCreateGuid
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString

shlwapi

PathFileExistsA
PathStripToRootA
UrlUnescapeA
PathFindExtensionA
PathFindFileNameA
PathIsUNCA

ws2_32

shutdown
send
recv
closesocket
select
gethostbyname
htons
inet_addr
ioctlsocket
setsockopt
WSAGetLastError
socket
WSACleanup
WSAStartup
connect

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 421KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5c5a01b59853c2d1b11c7dd0c06af67

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

shlwapi

ws2_32

wininet

oleacc

Sections

.text Size: 344KB - Virtual size: 343KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 12KB - Virtual size: 37KB

.rsrc Size: 421KB - Virtual size: 421KB

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 344KB - Virtual size: 343KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 12KB - Virtual size: 37KB

.rsrc
Size: 421KB - Virtual size: 421KB

.reloc
Size: 21KB - Virtual size: 20KB