Static task: static1
Behavioral task: behavioral1
Sample: b7dae4b978cebde75c0259b3b1242bcb0231fb933e368774f2b1e04768e58fde.exe
Resource: win7-20220812-en
General
Target: b7dae4b978cebde75c0259b3b1242bcb0231fb933e368774f2b1e04768e58fde
Size: 921KB
MD5: 633929be44e3f5570d71f0800f56aff0
SHA1: 865fb81624f79128194c43e011c7e85e98c049b2
SHA256: b7dae4b978cebde75c0259b3b1242bcb0231fb933e368774f2b1e04768e58fde
SHA512: a0dcf735d006dd6520bbc7d1162f328a3b66b134f4de8f7c8c454d6b3d7e39570315bc515250fe3f007f748f3942808565cb002c03103665d470e41183948fe5
SSDEEP: 12288:zKxBfK4vN/ah7QFdPdwKk/L3HwlMDycydfgwiOO:+xBrvN/aN/7QlMWJdowRO
Malware Config
Signatures
Files
-
b7dae4b978cebde75c0259b3b1242bcb0231fb933e368774f2b1e04768e58fde.exe windows x86
8ca007b0603c654440850072b1ea780a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathStripToRootW
PathIsDirectoryW
PathIsUNCW
PathFindExtensionW
PathRemoveExtensionW
SHDeleteKeyW
PathFileExistsW
PathFindFileNameW
kernel32
DeleteCriticalSection
TlsFree
InterlockedIncrement
GlobalGetAtomNameW
GetAtomNameW
lstrlenA
SetErrorMode
GlobalFlags
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
RtlUnwind
HeapReAlloc
RaiseException
SetStdHandle
GetFileType
ExitThread
CreateThread
ExitProcess
HeapSize
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
LocalReAlloc
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
LCMapStringA
LCMapStringW
FatalAppExitA
VirtualAlloc
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
SetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
CreateFileA
SetEnvironmentVariableA
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
FindNextFileW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
CompareStringA
InterlockedExchange
SuspendThread
SetThreadPriority
GetFileTime
SetFileAttributesW
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
FreeResource
CreateFileW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpiW
GetThreadLocale
GetStringTypeExW
MoveFileW
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetDriveTypeW
TerminateThread
RemoveDirectoryW
CopyFileW
lstrlenW
ResumeThread
TerminateProcess
AttachConsole
GetStdHandle
WriteFile
CreateEventW
SetEvent
OutputDebugStringW
WaitForMultipleObjects
Sleep
lstrcmpW
GetLocaleInfoW
LoadLibraryW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
GetEnvironmentVariableW
FreeLibrary
VerSetConditionMask
VerifyVersionInfoW
GetExitCodeProcess
FindFirstFileW
FindClose
CreateProcessW
WaitForSingleObject
CloseHandle
GetVersion
GetFileAttributesW
GetModuleHandleA
GetUserDefaultLCID
DeleteFileW
GetModuleFileNameW
CreateDirectoryW
GetCurrentDirectoryW
GetUserDefaultUILanguage
GetSystemDefaultLangID
GetModuleHandleW
GetProcAddress
GetCurrentProcess
WideCharToMultiByte
OutputDebugStringA
SetLastError
GetTempPathW
GetLastError
FormatMessageW
LocalFree
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetComputerNameW
GetVersionExW
GetWindowsDirectoryW
GetSystemDirectoryW
GlobalMemoryStatus
SetHandleCount
user32
GetDCEx
LockWindowUpdate
KillTimer
SetRect
UnionRect
SetParent
GetSystemMenu
IsRectEmpty
UnpackDDElParam
ReuseDDElParam
LoadMenuW
LoadAcceleratorsW
InvalidateRect
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
SetMenu
TranslateAcceleratorW
UnregisterClassW
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
DeleteMenu
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
GetDialogBaseUnits
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
LoadCursorW
GetSysColorBrush
ShowOwnedPopups
SetCursor
PostQuitMessage
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
GetWindowThreadProcessId
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
MapVirtualKeyW
GetKeyNameTextW
ReleaseDC
GetDC
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
CharUpperW
GetSystemMetrics
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
SetWindowTextA
LoadImageW
MessageBoxW
MessageBoxA
FindWindowW
ExitWindowsEx
SetForegroundWindow
BringWindowToTop
EnumWindows
GetWindowTextW
PostMessageW
IsWindowVisible
EnumChildWindows
GetWindowRect
GetClassNameW
GetWindowLongW
SendMessageW
EnableWindow
SetTimer
MapWindowPoints
UnregisterClassA
gdi32
CreateFontW
StretchDIBits
GetBkColor
GetCharWidthW
CreateCompatibleBitmap
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateFontIndirectW
GetTextMetricsW
GetTextExtentPoint32W
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
GetDCOrgEx
CreateDCW
CopyMetaFileW
GetDeviceCaps
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
PatBlt
CreateRectRgnIndirect
GetObjectW
SetBkColor
SetTextColor
GetClipBox
OffsetWindowOrgEx
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegCreateKeyW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegSetValueW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumValueW
RegSetValueExA
RegQueryValueExA
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegSetValueExW
CryptImportKey
CryptDecrypt
CryptGetUserKey
CryptGenKey
CryptExportKey
CryptEncrypt
CryptDestroyKey
InitializeSecurityDescriptor
CryptSetProvParam
CryptReleaseContext
CryptAcquireContextW
RegCreateKeyExW
RegDeleteKeyW
GetUserNameW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
DragQueryFileW
DragFinish
ExtractIconW
SHGetFileInfoW
SHCreateDirectoryExW
ole32
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
CoTaskMemAlloc
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
StringFromCLSID
CoTreatAsClass
OleDuplicateData
CoDisconnectObject
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CLSIDFromString
OleRegGetUserType
oleaut32
SafeArrayLock
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayGetElement
SafeArrayPutElement
SafeArrayPtrOfIndex
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SafeArrayUnaccessData
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
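Most of the import table above is what a statically linked MFC application and the MSVC CRT pull in on their own (the user32/gdi32/ole32/oleaut32 blocks, IsDebuggerPresent and SetUnhandledExceptionFilter from the CRT startup code, the WH_CBT hook MFC installs through SetWindowsHookExW), so no single import says much. The groups worth a closer look are the Toolhelp32 process walk (CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, OpenProcess), CryptoAPI key generation, export/import and encrypt/decrypt, privilege adjustment sitting next to ExitWindowsEx (which requires SeShutdownPrivilege to be enabled), and SHDeleteKeyW/RegDeleteKeyW. Imports show capability, not behaviour; only the behavioral task confirms that any of it runs. The following is an added example, not code from the report or from the sample: a deliberately conservative tagger that fires a tag only when every import in a rule is present. The rule set, tag names and the boilerplate list are this editor's assumptions, not a published standard, and the input is a constructed subset of the table above.

```python
from typing import Dict, FrozenSet, Iterable, List, Tuple

# Constructed input: (DLL, export) pairs copied from the import table above.
# Only entries the rules look at are reproduced; the remaining MFC/CRT imports
# would not change the outcome.
SAMPLE_IMPORTS: List[Tuple[str, str]] = [
    ("kernel32", "CreateToolhelp32Snapshot"), ("kernel32", "Process32FirstW"),
    ("kernel32", "Process32NextW"), ("kernel32", "OpenProcess"),
    ("kernel32", "IsDebuggerPresent"), ("kernel32", "CreateProcessW"),
    ("advapi32", "OpenProcessToken"), ("advapi32", "LookupPrivilegeValueW"),
    ("advapi32", "AdjustTokenPrivileges"), ("advapi32", "CryptAcquireContextW"),
    ("advapi32", "CryptGenKey"), ("advapi32", "CryptExportKey"),
    ("advapi32", "CryptImportKey"), ("advapi32", "CryptEncrypt"),
    ("advapi32", "CryptDecrypt"), ("advapi32", "RegDeleteKeyW"),
    ("shlwapi", "SHDeleteKeyW"), ("user32", "ExitWindowsEx"),
    ("user32", "SetWindowsHookExW"), ("user32", "CallNextHookEx"),
    ("user32", "UnhookWindowsHookEx"), ("user32", "EnumWindows"),
    ("user32", "FindWindowW"),
]

# Hypothetical rule set (this example's assumption, not a published standard).
# A rule fires only when EVERY listed import is present, so a lone CRT import
# such as IsDebuggerPresent cannot raise the anti-debug tag by itself.
RULES: Dict[str, FrozenSet[str]] = {
    "process-enumeration": frozenset({"kernel32!createtoolhelp32snapshot",
                                      "kernel32!process32firstw",
                                      "kernel32!process32nextw"}),
    "privilege-adjust": frozenset({"advapi32!openprocesstoken",
                                   "advapi32!lookupprivilegevaluew",
                                   "advapi32!adjusttokenprivileges"}),
    "shutdown-or-reboot": frozenset({"advapi32!adjusttokenprivileges",
                                     "user32!exitwindowsex"}),
    "cryptoapi-encrypt": frozenset({"advapi32!cryptacquirecontextw",
                                    "advapi32!cryptgenkey",
                                    "advapi32!cryptencrypt"}),
    "cryptoapi-key-transport": frozenset({"advapi32!cryptexportkey",
                                          "advapi32!cryptimportkey"}),
    "registry-key-delete": frozenset({"shlwapi!shdeletekeyw",
                                      "advapi32!regdeletekeyw"}),
    "window-hook": frozenset({"user32!setwindowshookexw",
                              "user32!callnexthookex",
                              "user32!unhookwindowshookex"}),
    "anti-debug": frozenset({"kernel32!isdebuggerpresent",
                             "kernel32!checkremotedebuggerpresent"}),
}

# Tags a statically linked MFC/CRT produces on its own (MFC installs a WH_CBT
# hook during window creation); still reported, but marked so they are not
# over-read as malicious capability.
BOILERPLATE_TAGS: FrozenSet[str] = frozenset({"window-hook"})


def normalize(imports: Iterable[Tuple[str, str]]) -> FrozenSet[str]:
    """Canonicalise (dll, api) to lower-case 'dll!api', dropping a trailing
    module extension so 'WINSPOOL.DRV' and 'winspool' compare equal."""
    out = set()
    for dll, api in imports:
        name = dll.lower()
        for ext in (".dll", ".drv", ".ocx", ".sys"):
            if name.endswith(ext):
                name = name[: -len(ext)]
                break
        out.add(f"{name}!{api.lower()}")
    return frozenset(out)


def tag_capabilities(imports: Iterable[Tuple[str, str]],
                     rules: Dict[str, FrozenSet[str]] = RULES) -> Dict[str, dict]:
    """Return {tag: {"boilerplate": bool, "apis": [...]}} for each rule whose
    imports are all present. Partial matches are dropped, not scored."""
    present = normalize(imports)
    return {tag: {"boilerplate": tag in BOILERPLATE_TAGS, "apis": sorted(needed)}
            for tag, needed in rules.items() if needed <= present}


if __name__ == "__main__":
    for tag, info in sorted(tag_capabilities(SAMPLE_IMPORTS).items()):
        note = "  [framework boilerplate]" if info["boilerplate"] else ""
        print(f"{tag}: {', '.join(info['apis'])}{note}")
```

Run against the table above, the tagger reports process enumeration, privilege adjustment, shutdown-or-reboot, both CryptoAPI tags and registry key deletion, marks the window hook as framework boilerplate, and stays silent on anti-debug because CheckRemoteDebuggerPresent is not imported. The all-of design is the point: a scoring scheme that counted IsDebuggerPresent alone would tag every MSVC binary.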
Sections
.text Size: 544KB - Virtual size: 543KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 144KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 208KB - Virtual size: 208KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
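Two things in the header and section dump above deserve attention before any dynamic analysis. IMAGE_FILE_RELOCS_STRIPPED means the image carries no base relocations, so the loader can only map it at its preferred base and ASLR cannot apply to it whatever DllCharacteristics says. And the section flags are not what a stock MSVC link emits: .text is IMAGE_SCN_MEM_WRITE as well as executable, .rsrc is IMAGE_SCN_MEM_EXECUTE and writable although it holds resources, and .rdata is writable. Whether that comes from a packer, a post-build edit of the section table or a deliberate linker option is not something the static dump settles, but it is the kind of condition worth checking mechanically across a corpus. The following is an added example, not code from the report or the sample: a minimal PE32 header and section-table parser with an audit that reports exactly those conditions. It is run on a header-only image constructed inline to mirror the dump (sizes taken as whole KB); DllCharacteristics is not shown in the report and is assumed to be 0 in the constructed image.

```python
import struct
from typing import List, NamedTuple, Sequence, Tuple

# Flag values from winnt.h.
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000


class Section(NamedTuple):
    name: str
    virtual_size: int
    raw_size: int
    characteristics: int


class PEInfo(NamedTuple):
    machine: int
    file_characteristics: int
    dll_characteristics: int
    sections: List[Section]


def parse_pe(data: bytes) -> PEInfo:
    """Read the COFF header, DllCharacteristics and section table of a PE32
    image: enough for a header audit, no import or resource parsing."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20  # optional header follows the 20-byte COFF header
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("not a PE32 optional header")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # DllCharacteristics
    sections = []
    for i in range(nsec):
        raw = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        name = raw[0].rstrip(b"\0").decode("ascii", "replace")
        sections.append(Section(name, raw[1], raw[3], raw[9]))
    return PEInfo(machine, chars, dll_chars, sections)


def audit(pe: PEInfo) -> List[str]:
    """Findings for the header conditions the report above surfaces."""
    out = []
    if pe.file_characteristics & IMAGE_FILE_RELOCS_STRIPPED:
        out.append("relocations stripped: image loads only at its preferred base, so ASLR cannot apply")
    elif not pe.dll_characteristics & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE:
        out.append("DYNAMIC_BASE clear: image opts out of ASLR")
    for s in pe.sections:
        x = bool(s.characteristics & IMAGE_SCN_MEM_EXECUTE)
        w = bool(s.characteristics & IMAGE_SCN_MEM_WRITE)
        if x and w:
            out.append(f"{s.name}: writable and executable (W+X)")
        if x and not s.characteristics & IMAGE_SCN_CNT_CODE:
            out.append(f"{s.name}: executable but not marked as code")
        if s.name == ".rdata" and w:
            out.append(".rdata: writable (linkers emit it read-only)")
    return out


def build_sample_pe(file_chars: int, dll_chars: int,
                    sections: Sequence[Tuple[str, int, int, int]]) -> bytes:
    """Assemble a header-only PE32 image for testing (constructed input, not
    the report's sample): MZ stub, PE signature, COFF header, zero-filled
    224-byte optional header and section table. No section data follows."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dll_chars)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), file_chars)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, 0, rs, 0, 0, 0, 0, 0, fl)
                     for n, vs, rs, fl in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


# Mirrors the dump above (name, virtual size, raw size, flags); DllCharacteristics
# is not in the dump and is assumed to be 0 here.
X, R, W = IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
REPORT_LIKE_SECTIONS = [
    (".text", 543 * 1024, 544 * 1024, IMAGE_SCN_CNT_CODE | X | R | W),
    (".rdata", 143 * 1024, 144 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | R | W),
    (".data", 28 * 1024, 16 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | R | W),
    (".rsrc", 208 * 1024, 208 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | X | R | W),
]
SAMPLE_IMAGE = build_sample_pe(
    IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE,
    0, REPORT_LIKE_SECTIONS)

if __name__ == "__main__":
    for line in audit(parse_pe(SAMPLE_IMAGE)):
        print(line)
```

On the constructed image the audit reports the stripped relocations, W+X on both .text and .rsrc, .rsrc as executable without IMAGE_SCN_CNT_CODE, and the writable .rdata; .data, which is read/write data as expected, produces nothing. The same parser pointed at the real file would also expose DllCharacteristics, which this report omits, though with relocations stripped the DYNAMIC_BASE bit changes nothing.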