Static task: static1

Behavioral task: behavioral1
  Sample: bb9822ef0aa5c1e4f746b24ac979ee8a72331727799183ddfb535ed57b3e0e42.exe
  Resource: win7-20220901-en

Behavioral task: behavioral2
  Sample: bb9822ef0aa5c1e4f746b24ac979ee8a72331727799183ddfb535ed57b3e0e42.exe
  Resource: win10v2004-20220901-en

General
Target: bb9822ef0aa5c1e4f746b24ac979ee8a72331727799183ddfb535ed57b3e0e42
Size: 735KB
MD5: 64bbcfa2c4ad16537388bf21c1621471
SHA1: a8595fa5be523e5993945b4f52a9a1a7fec45d6b
SHA256: bb9822ef0aa5c1e4f746b24ac979ee8a72331727799183ddfb535ed57b3e0e42
SHA512: e5e97f60f0414382f7e05e81f39c2c678daa4809c5532fdaee96c1bac42816ebf34dee0cc13c05fdd612b1d56aecc204f592c1df7397c7e7b650552d4b6e8320
SSDEEP: 12288:KQu8UlLDNkrOtw/hgjD+JeIiXsIz0pHsFMe4zkK:K5+Xhgj62cIzyHsFMbkK
Malware Config
Signatures
Files
-
bb9822ef0aa5c1e4f746b24ac979ee8a72331727799183ddfb535ed57b3e0e42.exe windows x86
ce43d7b4b68289cf064fb30846252678
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
FatalAppExitA
VirtualAlloc
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
HeapReAlloc
RaiseException
CreateThread
ExitThread
ExitProcess
HeapFree
HeapAlloc
RtlUnwind
GetStartupInfoW
GetFileTime
GetProcessHeap
ExpandEnvironmentStringsA
GetSystemInfo
VerSetConditionMask
VerifyVersionInfoW
GetSystemDirectoryW
CreateMutexW
LoadLibraryExW
SizeofResource
LockResource
LoadResource
FindResourceW
MulDiv
LoadLibraryW
GetCommandLineW
GetPrivateProfileStringW
Sleep
CloseHandle
GetExitCodeProcess
WaitForSingleObject
GetModuleFileNameW
CreateProcessW
GetProcAddress
GetModuleHandleW
GlobalAlloc
lstrcmpW
GlobalLock
InterlockedExchange
WideCharToMultiByte
MultiByteToWideChar
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
CreateEventW
GlobalAddAtomW
SetLastError
GetLastError
GetCurrentProcessId
lstrlenW
LocalFree
GetFileSizeEx
GetFileAttributesW
FormatMessageW
FreeLibrary
GlobalUnlock
GlobalSize
CopyFileW
SetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
SystemTimeToFileTime
FileTimeToSystemTime
lstrlenA
GetAtomNameW
GlobalGetAtomNameW
CreateFileW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetThreadLocale
GetStringTypeExW
DeleteFileW
MoveFileW
GlobalFree
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetCurrentDirectoryW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetModuleHandleA
FreeResource
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
InterlockedDecrement
user32
GetSystemMenu
IsRectEmpty
UnpackDDElParam
ReuseDDElParam
GetMenuBarInfo
LoadAcceleratorsW
InvalidateRect
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
GetDialogBaseUnits
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
UnregisterClassW
CharUpperW
DestroyIcon
GetSysColorBrush
WaitMessage
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
DeleteMenu
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
MapVirtualKeyW
GetKeyNameTextW
ScrollWindowEx
ShowWindow
SetParent
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
LoadMenuW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
ReleaseDC
GetDC
SendMessageW
LoadImageW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
UnionRect
SetRect
KillTimer
GetDCEx
LockWindowUpdate
MoveWindow
LoadIconW
MessageBoxW
DrawIcon
IsIconic
GetClientRect
SetTimer
EnableWindow
GetSystemMetrics
PostQuitMessage
PostMessageW
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
CallNextHookEx
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
UnhookWindowsHookEx
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
LoadStringW
ExitWindowsEx
EnumWindows
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
SetWindowsHookExW
IsDlgButtonChecked
gdi32
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateCompatibleDC
GetStockObject
ExtTextOutW
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
RectVisible
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectW
GetTextExtentPoint32W
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetTextMetricsW
CreateCompatibleBitmap
GetCharWidthW
CreateFontW
StretchDIBits
GetBkColor
StartDocW
TextOutW
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
ExtCreatePen
PtVisible
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
GetDeviceCaps
CreateBitmap
CopyMetaFileW
CreateDCW
SetGraphicsMode
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
GetObjectW
CreateRectRgnIndirect
PatBlt
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SelectPalette
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
AllocateAndInitializeSid
RegQueryValueExA
QueryServiceConfigW
ChangeServiceConfigW
DeleteService
ControlService
OpenServiceW
StartServiceW
QueryServiceStatus
OpenSCManagerW
CreateServiceW
CloseServiceHandle
ImpersonateSelf
OpenThreadToken
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
FreeSid
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegSetValueW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExA
shell32
DragFinish
SHGetFileInfoW
ExtractIconW
ShellExecuteW
DragQueryFileW
comctl32
ord17
shlwapi
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
PathRemoveFileSpecW
ole32
StringFromGUID2
CoDisconnectObject
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CoCreateInstance
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CLSIDFromString
CoUninitialize
CoInitializeEx
CreateBindCtx
oleaut32
SafeArrayRedim
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
Sections
.text Size: 421KB - Virtual size: 420KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 10KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.prdata Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE