Static task: static1
Behavioral task: behavioral1
Sample: 1e80e0ec014bc7e53e6cccd3da604272a9acb672a7715af63197a06946f90210.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 1e80e0ec014bc7e53e6cccd3da604272a9acb672a7715af63197a06946f90210.exe
Resource: win10v2004-20220901-en
General
Target: 1e80e0ec014bc7e53e6cccd3da604272a9acb672a7715af63197a06946f90210
Size: 888KB
MD5: 2bea58f221f19546b63f7fb5266c534a
SHA1: 0a38071259061359d1db8229dd22e55241d3dfe6
SHA256: 1e80e0ec014bc7e53e6cccd3da604272a9acb672a7715af63197a06946f90210
SHA512: f0a5195811986af736219a12688c9f687324342e1d1f4531c5d39f37eab3a48e3c9604d7b7ab60f73b77123356dd700daad7bb15a1e0d4164976518008b06182
SSDEEP: 12288:Gw8mfTMHc5cUVI6amQ7geAKMoFGN0zxMnf5Phrab7KbGMPbtI6Eifg0ads1Ev59W:Vf0CRa9Lqoa02hloKrZXgEEvH
Files
1e80e0ec014bc7e53e6cccd3da604272a9acb672a7715af63197a06946f90210.exe windows x86
a8fb7012845f20b384e63901e23eec2c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualFree
lstrcmpiA
HeapDestroy
MulDiv
ReadProcessMemory
FindNextFileA
GetEnvironmentStrings
WaitForMultipleObjects
CreateProcessA
GetDriveTypeA
TlsFree
GetFileAttributesA
MoveFileA
GlobalFindAtomA
FreeEnvironmentStringsA
UnlockFile
SystemTimeToFileTime
LocalAlloc
LockFile
LockResource
GetCurrentThread
GetVersion
EnumCalendarInfoA
FreeLibrary
CloseHandle
RtlUnwind
GetProcessWorkingSetSize
TlsGetValue
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
IsValidLocale
SetFileAttributesA
HeapFree
GlobalUnlock
CreateMutexA
SizeofResource
LCMapStringW
GlobalFlags
UnhandledExceptionFilter
TerminateProcess
LoadLibraryExA
GetModuleHandleW
LocalFileTimeToFileTime
GlobalHandle
GetModuleHandleA
OpenProcess
GetExitCodeProcess
EnumResourceLanguagesA
DeleteFileA
GlobalGetAtomNameA
FatalAppExitA
LoadResource
FormatMessageA
GetProfileIntA
GetModuleFileNameW
GetFileInformationByHandle
SetEndOfFile
GlobalFree
GetFileType
CreateFileMappingA
GetFileAttributesExA
SetEvent
_lclose
GetTimeFormatA
GetFileSizeEx
GetComputerNameA
FindFirstFileA
PeekNamedPipe
SetErrorMode
HeapCreate
lstrlenW
GetLocaleInfoA
GetSystemInfo
SuspendThread
QueryPerformanceFrequency
_lwrite
GetShortPathNameA
VirtualQuery
VirtualProtect
LocalReAlloc
SetEnvironmentVariableA
GetPrivateProfileSectionNamesA
CreateFileA
ReleaseMutex
GetOEMCP
SetConsoleCtrlHandler
CreateDirectoryA
ResumeThread
GetStdHandle
GlobalMemoryStatus
ConvertDefaultLocale
VirtualAlloc
MultiByteToWideChar
GlobalAddAtomA
WriteProfileStringA
GetDiskFreeSpaceA
lstrcmpW
GetCurrentThreadId
FindResourceA
SetHandleCount
SearchPathA
EnumSystemLocalesA
lstrcatA
LoadLibraryA
GetModuleFileNameA
ExitThread
GetConsoleOutputCP
lstrcpyA
InitializeCriticalSection
CreateEventA
InterlockedExchange
SetUnhandledExceptionFilter
LocalLock
GetPrivateProfileIntA
ExitProcess
GetStringTypeW
DuplicateHandle
GetCPInfo
IsDebuggerPresent
FreeEnvironmentStringsW
SetCurrentDirectoryA
RemoveDirectoryA
GetProcAddress
GetCurrentDirectoryA
GetTickCount
LocalUnlock
GetProcessHeap
GetConsoleCP
GetThreadLocale
GetCommandLineA
GetSystemTimeAsFileTime
MapViewOfFile
lstrlenA
SetThreadPriority
IsBadWritePtr
GetFullPathNameA
CreateSemaphoreA
GetFileSize
SetLastError
FindResourceExA
FreeResource
GetPrivateProfileStringA
SetStdHandle
CopyFileA
CreateThread
WideCharToMultiByte
GetLastError
HeapSize
GetLocaleInfoW
EnterCriticalSection
DeleteCriticalSection
WriteFile
GetVersionExA
GetVolumeInformationA
GetStartupInfoA
FlushFileBuffers
SetFilePointer
Sleep
GetConsoleMode
WriteConsoleW
GetDateFormatA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetUserDefaultLCID
RaiseException
GetCurrentProcessId
TlsSetValue
GlobalReAlloc
ReadFile
GetWindowsDirectoryA
OpenFile
InterlockedDecrement
GetTempPathA
QueryPerformanceCounter
WinExec
GlobalLock
UnmapViewOfFile
GetPrivateProfileSectionA
GetFileTime
lstrcpynA
GetStringTypeA
GlobalDeleteAtom
HeapAlloc
FindClose
GetEnvironmentStringsW
GetACP
LocalFree
GlobalSize
GetTempFileNameA
IsValidCodePage
LeaveCriticalSection
GetStringTypeExA
WritePrivateProfileStringA
TlsAlloc
GetTimeZoneInformation
ReleaseSemaphore
CompareStringA
CompareStringW
SetFileTime
WaitForSingleObject
WriteConsoleA
HeapReAlloc
GlobalAlloc
GetAtomNameA
lstrcmpA
LCMapStringA
InterlockedIncrement
user32
GetDlgCtrlID
PeekMessageA
GetSysColorBrush
DefWindowProcA
RegisterWindowMessageA
LoadCursorA
IsDlgButtonChecked
AppendMenuA
InvertRect
GetMenuItemInfoA
SystemParametersInfoA
SetClassLongA
WinHelpA
GetKeyState
SetParent
SetMenuDefaultItem
GetMenuItemRect
GetScrollPos
GetMenuBarInfo
InSendMessage
GetIconInfo
MapVirtualKeyA
SendNotifyMessageA
EndDeferWindowPos
GetDesktopWindow
GetMenuStringA
GetClassInfoExA
UnhookWindowsHookEx
DialogBoxIndirectParamA
GetPropA
WindowFromPoint
FrameRect
SetWindowTextA
DestroyAcceleratorTable
EnableScrollBar
PostThreadMessageA
PtInRect
IsDialogMessageA
CheckDlgButton
GetLastActivePopup
SetRectEmpty
MapDialogRect
CopyImage
TabbedTextOutA
BeginPaint
RemovePropA
BeginDeferWindowPos
GetMenu
CheckRadioButton
IsCharLowerA
GetWindowTextA
CreateIconIndirect
UpdateWindow
SendInput
MenuItemFromPoint
ClipCursor
IsWindowEnabled
SetCursorPos
GetMessageTime
IsWindow
SetPropA
SetScrollPos
DrawStateA
RegisterClassA
LoadBitmapA
GetTabbedTextExtentA
GetNextDlgTabItem
SetWindowLongA
CopyAcceleratorTableA
GetClipboardData
GetSystemMetrics
InsertMenuItemA
MapVirtualKeyExA
ClientToScreen
EndPaint
BringWindowToTop
WindowFromDC
CallNextHookEx
GetForegroundWindow
CharUpperA
NotifyWinEvent
DeferWindowPos
GetCursorPos
GetSubMenu
SetCursor
TrackPopupMenuEx
SubtractRect
SetWindowContextHelpId
CopyIcon
ChildWindowFromPointEx
TrackPopupMenu
CreateWindowExA
SetFocus
DestroyMenu
DestroyCursor
IsIconic
GetDC
GetScrollInfo
CreateMenu
DrawIconEx
CopyRect
GetWindowRect
GetWindowPlacement
InvalidateRgn
OffsetRect
SetClipboardData
CreateAcceleratorTableA
ReleaseCapture
GetMenuItemCount
RemoveMenu
SetRect
DeleteMenu
WaitMessage
SetWindowPos
DefFrameProcA
GetSystemMenu
CharNextA
PostQuitMessage
TranslateMDISysAccel
GetDlgItemTextA
RegisterClipboardFormatA
ShowOwnedPopups
CreateDialogIndirectParamA
ScrollWindow
OpenClipboard
SetMenuItemInfoA
SetScrollInfo
LoadImageA
SetCapture
EnableWindow
GetDlgItemInt
GetWindowRgn
IsMenu
DrawFocusRect
CreateIconFromResource
ReuseDDElParam
SetForegroundWindow
InflateRect
EnumChildWindows
VkKeyScanA
GetUpdateRect
LoadAcceleratorsA
MessageBoxA
DrawTextA
DrawEdge
CharUpperBuffA
MoveWindow
KillTimer
SetWindowsHookExA
MsgWaitForMultipleObjects
LockWindowUpdate
DispatchMessageA
SetWindowPlacement
CloseClipboard
SendMessageA
IsRectEmpty
GetActiveWindow
GetDlgItem
EqualRect
IsZoomed
UnionRect
ShowScrollBar
GetWindowDC
GetDialogBaseUnits
CheckMenuItem
UpdateLayeredWindow
SetWindowRgn
SetDlgItemTextA
GetKeyNameTextA
IsChild
GetMessageA
FillRect
MapWindowPoints
ScrollWindowEx
CallWindowProcA
TranslateMessage
GrayStringA
SendMessageTimeoutA
GetDCEx
MessageBeep
ShowWindow
wsprintfA
GetWindowLongA
SetMenuItemBitmaps
DestroyIcon
GetAsyncKeyState
ReleaseDC
IntersectRect
PostMessageA
GetMenuItemID
CreatePopupMenu
IsWindowVisible
SetMenu
SetDlgItemInt
DrawIcon
ValidateRect
InsertMenuA
LoadStringA
GetKeyboardState
DrawMenuBar
SetActiveWindow
GetDoubleClickTime
DestroyWindow
GetClassInfoA
GetTopWindow
LoadMenuA
GetParent
GetMenuDefaultItem
EmptyClipboard
DrawFrameControl
LoadIconA
GetMenuState
InvalidateRect
GetWindowTextLengthA
GetScrollRange
EnableMenuItem
GetClassLongA
GetSysColor
AdjustWindowRectEx
SendDlgItemMessageA
SetScrollRange
UnpackDDElParam
ToAsciiEx
GetCapture
GetFocus
GetMenuCheckMarkDimensions
GetWindowThreadProcessId
GetClientRect
ModifyMenuA
ScreenToClient
GetWindow
UnregisterClassA
EndDialog
SetTimer
DrawTextExA
GetKeyboardLayout
RedrawWindow
IsClipboardFormatAvailable
GetClassNameA
TranslateAcceleratorA
DefMDIChildProcA
GetNextDlgGroupItem
GetMessagePos
EnumWindows
gdi32
SetAbortProc
LineTo
GetTextAlign
CombineRgn
CreateDCA
PlayMetaFileRecord
GetBkMode
GetBkColor
SetDIBitsToDevice
GetTextExtentPointA
GetBoundsRect
GetWindowExtEx
AbortDoc
SetDIBColorTable
SetPaletteEntries
GetPaletteEntries
DPtoLP
GetDeviceCaps
GetViewportExtEx
StartPage
GetObjectA
Rectangle
ExtCreatePen
EnumFontsA
GetDCOrgEx
GetTextFaceA
SetPolyFillMode
CreateFontIndirectA
GetDIBColorTable
SetColorAdjustment
GetDIBits
DeleteObject
EndDoc
GetTextColor
GetTextExtentPoint32W
SelectObject
PtInRegion
OffsetRgn
IntersectClipRect
StretchBlt
SetWindowOrgEx
CreateDIBPatternBrushPt
Polygon
ModifyWorldTransform
DeleteDC
SetWorldTransform
CreatePolygonRgn
CreateBitmap
ArcTo
CreateCompatibleBitmap
CreateDIBitmap
ScaleViewportExtEx
SetROP2
SelectClipPath
CreateMetaFileA
GetSystemPaletteEntries
FillRgn
SetStretchBltMode
CreateCompatibleDC
SetGraphicsMode
CreateSolidBrush
EnumMetaFile
GetWindowOrgEx
TextOutA
SetTextColor
GetViewportOrgEx
RectInRegion
GetClipRgn
SetBkColor
EnumFontFamiliesA
GetStockObject
FrameRgn
OffsetClipRgn
CreateEllipticRgn
GetRgnBox
SetArcDirection
GetStretchBltMode
RoundRect
GetROP2
MoveToEx
CreatePalette
OffsetViewportOrgEx
SetViewportExtEx
ScaleWindowExtEx
PolylineTo
EnumFontFamiliesExA
CreateRectRgnIndirect
RectVisible
Ellipse
PolyBezierTo
GetCharWidthA
PlayMetaFile
SetTextJustification
Polyline
ExtTextOutA
CreateFontA
Escape
DeleteMetaFile
OffsetWindowOrgEx
ExtFloodFill
CreatePatternBrush
ExtSelectClipRgn
BitBlt
SetBkMode
GetClipBox
PtVisible
RestoreDC
CloseMetaFile
GetMapMode
PatBlt
UnrealizeObject
SetWindowExtEx
SetTextCharacterExtra
LPtoDP
CreateRoundRectRgn
StretchDIBits
GetObjectType
EndPage
GetCurrentObject
GetNearestColor
RealizePalette
GetPixel
StartDocA
ExcludeClipRect
SetPixel
SelectClipRgn
SetDIBits
GetTextMetricsA
SelectPalette
GetNearestPaletteIndex
SetRectRgn
CreateHalftonePalette
CreateHatchBrush
GetTextExtentPoint32A
PolyDraw
SetPixelV
SetViewportOrgEx
CreateDIBSection
Arc
CopyMetaFileA
GetCurrentPositionEx
GetTextCharsetInfo
SetMapperFlags
CreateRectRgn
SetMapMode
GetPolyFillMode
SaveDC
SetTextAlign
CreatePen
comdlg32
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
advapi32
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueA
RegCreateKeyExA
SetFileSecurityA
RegSetValueA
RegSetValueExA
RegEnumKeyA
RegCloseKey
RegOpenKeyA
GetFileSecurityA
RegQueryValueExA
RegEnumValueA
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueA
shell32
SHGetSpecialFolderLocation
SHFileOperationA
DragQueryFileA
SHGetPathFromIDListA
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteA
DragFinish
SHGetMalloc
Shell_NotifyIconA
ExtractIconExA
SHGetFileInfoA
ExtractIconA
ShellExecuteExA
SHBrowseForFolderA
ole32
OleCreateStaticFromData
CoRegisterMessageFilter
CoCreateInstance
OleSetMenuDescriptor
OleDuplicateData
CoTaskMemAlloc
DoDragDrop
CoUninitialize
CoLockObjectExternal
CreateOleAdviseHolder
OleQueryCreateFromData
OleRegGetMiscStatus
GetHGlobalFromILockBytes
ReadClassStg
OleInitialize
WriteClassStm
OleCreateLinkToFile
OleCreateLinkFromData
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoGetClassObject
RegisterDragDrop
StgCreateDocfile
WriteClassStg
OleQueryLinkFromData
OleGetClipboard
StgIsStorageFile
CoFreeUnusedLibraries
OleGetIconOfClass
OleRegGetUserType
GetRunningObjectTable
CreateGenericComposite
StringFromGUID2
StgCreateDocfileOnILockBytes
RevokeDragDrop
CoGetMalloc
OleCreateFromData
OleUninitialize
OleSetContainedObject
CLSIDFromString
OleSetClipboard
WriteFmtUserTypeStg
SetConvertStg
StgOpenStorageOnILockBytes
CoTreatAsClass
ReadFmtUserTypeStg
CreateDataAdviseHolder
StgOpenStorage
CoDisconnectObject
OleCreateMenuDescriptor
CreateFileMoniker
OleLockRunning
CoTaskMemFree
OleRun
OleLoad
CoRevokeClassObject
OleIsCurrentClipboard
CLSIDFromProgID
OleTranslateAccelerator
OleSave
OleSaveToStream
OleIsRunning
OleFlushClipboard
OleCreate
OleDestroyMenuDescriptor
StringFromCLSID
CoInitializeEx
CoRegisterClassObject
CreateItemMoniker
CreateBindCtx
ReleaseStgMedium
OleRegEnumVerbs
OleCreateFromFile
IsAccelerator
oleaut32
SafeArrayGetUBound
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayPtrOfIndex
VarBstrFromDec
VarDateFromStr
LoadRegTypeLi
SafeArrayDestroyDescriptor
SysAllocString
SystemTimeToVariantTime
SafeArrayGetElement
VarBstrFromDate
SafeArrayLock
VarBstrFromCy
SafeArrayGetDim
OACreateTypeLib2
SafeArrayAllocDescriptor
SysReAllocStringLen
SafeArrayUnlock
SafeArrayDestroy
SafeArrayGetElemsize
VariantClear
SetErrorInfo
SysStringByteLen
VariantCopy
SafeArrayRedim
GetErrorInfo
SysAllocStringLen
VarUdateFromDate
VariantChangeType
SafeArrayCreate
SafeArrayGetLBound
OleCreateFontIndirect
SysStringLen
CreateErrorInfo
SysFreeString
SafeArrayCopy
VariantTimeToSystemTime
SafeArrayAccessData
VarDecFromStr
VariantInit
SafeArrayAllocData
LoadTypeLi
RegisterTypeLi
SysAllocStringByteLen
VarCyFromStr
comctl32
ImageList_AddMasked
ImageList_Duplicate
ImageList_Create
ImageList_GetImageCount
_TrackMouseEvent
InitCommonControlsEx
ImageList_LoadImageA
ImageList_GetIcon
ImageList_Destroy
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Remove
ord17
ImageList_ReplaceIcon
ImageList_GetImageInfo
shlwapi
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathStripToRootA
PathRelativePathToA
PathGetArgsA
PathUnquoteSpacesA
UrlUnescapeA
PathFileExistsA
PathRemoveExtensionA
PathRemoveArgsA
PathCanonicalizeA
PathFindFileNameA
winmm
PlaySoundA
rpcrt4
UuidCreate
msimg32
TransparentBlt
AlphaBlend
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
wininet
FtpCreateDirectoryA
InternetOpenUrlA
HttpOpenRequestA
FtpGetCurrentDirectoryA
FtpGetFileA
InternetCanonicalizeUrlA
GopherFindFirstFileA
GopherGetAttributeA
GopherCreateLocatorA
FtpRenameFileA
InternetGetCookieA
InternetSetFilePointer
HttpAddRequestHeadersA
HttpSendRequestA
FtpPutFileA
FtpRemoveDirectoryA
InternetSetCookieA
HttpEndRequestA
FtpDeleteFileA
InternetOpenA
InternetFindNextFileA
InternetSetOptionExA
InternetErrorDlg
HttpSendRequestExA
FtpOpenFileA
GopherOpenFileA
InternetReadFile
InternetConnectA
InternetWriteFile
InternetCrackUrlA
InternetCloseHandle
FtpSetCurrentDirectoryA
InternetGetLastResponseInfoA
InternetQueryOptionA
FtpFindFirstFileA
InternetSetStatusCallback
FtpCommandA
InternetQueryDataAvailable
HttpQueryInfoA
wsock32
WSAAsyncSelect
inet_addr
ioctlsocket
WSACleanup
htons
connect
ntohs
WSASetLastError
socket
closesocket
WSAStartup
htonl
send
accept
WSAGetLastError
recv
getpeername
bind
getsockname
sendto
select
recvfrom
gethostbyname
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
ws2_32
WSASocketA
oledlg
ord8
gdiplus
GdipCreateBitmapFromFileICM
GdipAlloc
GdipDisposeImage
GdipCreateBitmapFromStreamICM
GdiplusShutdown
GdipGetDC
GdipCreateBitmapFromScan0
GdipCloneImage
GdipGetImageHeight
GdiplusStartup
GdipGetImageWidth
GdipReleaseDC
GdipDrawImageI
GdipGetImagePalette
GdipGetImageGraphicsContext
GdipFree
GdipGetImagePixelFormat
GdipDeleteGraphics
GdipSaveImageToFile
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImageEncodersSize
GdipBitmapLockBits
GdipGetImageEncoders
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
psapi
GetProcessMemoryInfo
EnumProcesses
rasapi32
RasRenameEntryA
msvcrt
strtok
Sections
.text Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.zzsht Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.xer Size: 606KB - Virtual size: 605KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 219KB - Virtual size: 744KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.xedr Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ