Static task
static1
Behavioral task
behavioral1
Sample
7f30e31c344909643daef32b6e2f003628568e95ac4a9ece6581921e91ee856d.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
7f30e31c344909643daef32b6e2f003628568e95ac4a9ece6581921e91ee856d.exe
Resource
win10v2004-20220812-en
General
Target: 7f30e31c344909643daef32b6e2f003628568e95ac4a9ece6581921e91ee856d
Size: 720KB
MD5: 60fceb47e70dfee003197f8c0589d770
SHA1: fd94b74ec6617abdaa07de6f4412d5d1c34938fb
SHA256: 7f30e31c344909643daef32b6e2f003628568e95ac4a9ece6581921e91ee856d
SHA512: 7d5f023d53680f859a1ed20e0291f25cb6401c4c200be00db8b5539ec55b3f7c2dec814a3b49e7cfd3948f7f0a3ec8f5713f13313ba8852c961c82c4c1dcfe61
SSDEEP: 12288:cyUe9MS7I7J5u/OuRWq6rhsdCyUdIGkEWB3p:hebkGhsdCyyhkL1p
Malware Config
Signatures
Files
7f30e31c344909643daef32b6e2f003628568e95ac4a9ece6581921e91ee856d.exe windows x86
a9acb4351cf407c38737ebd05ed1a5ce
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetCrackUrlW
HttpSendRequestW
InternetConnectW
InternetCloseHandle
InternetGetConnectedState
HttpOpenRequestW
InternetOpenW
InternetOpenUrlW
InternetReadFile
HttpQueryInfoW
kernel32
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
WritePrivateProfileStringW
GetModuleHandleA
SetErrorMode
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapReAlloc
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
InterlockedDecrement
InterlockedIncrement
lstrlenA
GlobalFindAtomW
CompareStringW
GetVersionExA
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
ReleaseSemaphore
CreateSemaphoreW
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindClose
FreeResource
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GlobalAddAtomW
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
lstrcmpW
GlobalDeleteAtom
GetModuleHandleW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
lstrlenW
MulDiv
InterlockedExchange
InterlockedCompareExchange
LoadLibraryA
LCMapStringW
LCMapStringA
GetStringTypeExA
GetUserDefaultLCID
WriteFile
GetFileSize
CreateFileA
LocalFree
GetCurrentThreadId
GetSystemTime
GetShortPathNameW
DeleteCriticalSection
WaitForMultipleObjects
LockResource
EnterCriticalSection
GetTempPathW
MultiByteToWideChar
GetModuleFileNameW
GetFileAttributesW
LeaveCriticalSection
GetVersionExW
SizeofResource
CopyFileW
InitializeCriticalSectionAndSpinCount
GetVolumeInformationA
WideCharToMultiByte
InitializeCriticalSection
GetTickCount
GetComputerNameW
WaitForSingleObject
CreateDirectoryW
MoveFileExW
LoadResource
FindResourceW
lstrcmpA
ExitProcess
Sleep
CreateMutexW
GetCommandLineW
CloseHandle
CreateFileW
ReadFile
GetProcAddress
SetLastError
GetLastError
LoadLibraryW
FreeLibrary
ExitThread
user32
DestroyMenu
UnregisterClassW
GetMessageTime
GetMessagePos
MapWindowPoints
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcW
SetWindowLongW
SetWindowPos
IsIconic
GetWindowPlacement
GetWindowRect
CharUpperW
RegisterClipboardFormatW
GetDesktopWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
IsWindow
GetDlgItem
GetNextDlgTabItem
SetWindowsHookExW
CallNextHookEx
GetActiveWindow
GetKeyState
PeekMessageW
GrayStringW
IsWindowEnabled
MessageBoxW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
LoadStringA
PostMessageW
SetForegroundWindow
WaitForInputIdle
GetMenu
EnumChildWindows
SendMessageTimeoutW
EnumThreadWindows
AttachThreadInput
BringWindowToTop
SetWindowTextW
RegisterWindowMessageW
SetParent
wsprintfW
GetWindowTextW
EnableWindow
EndPaint
DestroyWindow
SetTimer
RemovePropW
GetMessageW
PostQuitMessage
GetLastActivePopup
DialogBoxParamW
GetParent
LoadCursorW
GetClientRect
DrawTextExW
BeginPaint
TranslateMessage
GetForegroundWindow
LoadIconW
GetWindowLongW
GetClassNameW
EndDialog
GetCursorPos
ShowWindow
GetSysColorBrush
LoadBitmapW
DrawTextW
TabbedTextOutW
ClientToScreen
GetDC
ReleaseDC
IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
SetFocus
GetTopWindow
ValidateRect
UnhookWindowsHookEx
CreateWindowExW
PostThreadMessageW
AdjustWindowRectEx
SystemParametersInfoA
IsWindowVisible
SendMessageW
UpdateWindow
DefWindowProcW
GetWindowThreadProcessId
GetWindow
DispatchMessageW
UnregisterClassA
SetCursor
gdi32
DeleteDC
GetStockObject
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
TextOutW
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RestoreDC
SaveDC
DeleteObject
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
SetMapMode
ExtTextOutW
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
CryptAcquireContextW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyW
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptReleaseContext
CloseServiceHandle
CryptGetHashParam
RegCloseKey
ControlService
RegOpenKeyExW
QueryServiceStatusEx
QueryServiceStatus
StartServiceW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
OpenServiceW
OpenSCManagerW
shell32
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
comctl32
InitCommonControlsEx
shlwapi
StrCmpNW
StrCmpNIW
PathAppendW
PathFileExistsW
StrCmpW
StrCmpIW
StrCatW
StrCpyW
PathFindFileNameW
StrNCatW
PathFindExtensionW
PathIsDirectoryW
StrCpyNW
PathRemoveExtensionW
StrStrW
StrStrIW
StrChrW
StrDupW
SHSetValueW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
oledlg
OleUIBusyW
ole32
OleRun
CoInitialize
CoCreateGuid
CoDisconnectObject
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoCreateInstance
CoUninitialize
oleaut32
SysAllocString
VariantChangeType
SysAllocStringLen
SysStringLen
VariantInit
VariantCopy
SysFreeString
LoadTypeLi
VariantClear
GetErrorInfo
ws2_32
closesocket
socket
bind
htons
recvfrom
gethostbyname
WSAStartup
Sections
.text Size: 408KB - Virtual size: 406KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 232KB - Virtual size: 316KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 496B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ