ac9c3baa24ab99a651f3de47e2cdb769b4ac2f54ede42d1ea53843c55bf3ed43

Sharing

Copy URL Twitter E-mail

General

Target

ac9c3baa24ab99a651f3de47e2cdb769b4ac2f54ede42d1ea53843c55bf3ed43
Size

2.3MB
MD5

6a85427c8baece0cd67aa91b0d081e23
SHA1

40926d74110d19296ac2376e730d3045f25a56c5
SHA256

ac9c3baa24ab99a651f3de47e2cdb769b4ac2f54ede42d1ea53843c55bf3ed43
SHA512

2869d1783a597bdbfe1b157ae65f52aefa02d1eca8313d1d80d9d15edbb6d11e8d1c45df82a11570cc684d326e47574134a1cd8434e90b9eaeb4f5a9244b1acb
SSDEEP

49152:yB2ZdWU/4zEcEHz2rtCTXJKDQlN9R9HxPhLniyOyNIv+:xZdWUwzEcWy00UPH9HuyOyNI2

Score

N/A

Malware Config

Signatures

Files

ac9c3baa24ab99a651f3de47e2cdb769b4ac2f54ede42d1ea53843c55bf3ed43
.exe windows x86

ed384990b3320a1dc646cf825a22714c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFileExA
HttpQueryInfoA
InternetSetOptionA
InternetConnectA
InternetSetStatusCallbackA
InternetOpenA
HttpSendRequestA
HttpOpenRequestA
InternetCrackUrlA
InternetSetCookieW
InternetCrackUrlW
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetReadFile
InternetSetStatusCallbackW
InternetSetOptionW
HttpQueryInfoW
InternetReadFileExW
InternetCloseHandle
InternetGetConnectedState

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

comctl32

InitCommonControlsEx

kernel32

GetModuleHandleW
GetCurrentThreadId
DeleteFileW
GetUserDefaultLangID
CreateThread
LoadLibraryW
GetProcAddress
FreeLibrary
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetSystemInfo
WriteConsoleA
GetDriveTypeA
GetCurrentDirectoryA
CreateFileA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
SetStdHandle
GetConsoleMode
GetConsoleCP
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
GetFileType
SetHandleCount
HeapSize
GetStdHandle
GetCPInfo
LCMapStringW
LCMapStringA
SetConsoleCtrlHandler
ExitThread
GetFullPathNameW
HeapReAlloc
GetStartupInfoA
GetProcessHeap
HeapAlloc
HeapFree
GetCommandLineA
ExitProcess
GetCurrentProcessId
GetCommandLineW
LocalFree
OpenMutexW
CreateMutexW
CreateFileW
GetLastError
CreateEventW
WaitForSingleObject
SetEvent
WriteFile
CloseHandle
GetModuleFileNameW
GetComputerNameA
GetExitCodeProcess
CreateProcessA
GetConsoleOutputCP
RtlUnwind
RaiseException
UnhandledExceptionFilter
TerminateProcess
InterlockedExchange
FindResourceW
LoadResource
LockResource
SizeofResource
FreeResource
VirtualFree
VirtualAlloc
MulDiv
GlobalAlloc
GlobalFree
SetLastError
GetVersionExA
SetFileTime
SetFileAttributesW
SetEndOfFile
RemoveDirectoryW
CreateDirectoryW
GetShortPathNameW
GetDiskFreeSpaceExW
FlushFileBuffers
FindFirstFileW
FindNextFileW
FindClose
GetCurrentDirectoryW
SetCurrentDirectoryW
TlsSetValue
DuplicateHandle
VirtualQuery
GetSystemTimeAsFileTime
SetThreadAffinityMask
GetTempFileNameW
MoveFileW
GetFileAttributesW
GetFileSize
GetFileAttributesExW
InterlockedIncrement
InterlockedDecrement
SetFilePointer
ReadFile
GetDiskFreeSpaceW
GetVersionExW
WideCharToMultiByte
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
LoadLibraryA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleHandleA
GlobalMemoryStatus
Sleep
SetThreadPriority
GetThreadPriority
TlsGetValue
TlsFree
SignalObjectAndWait
QueryPerformanceCounter
GetTickCount
GetCurrentThread
FileTimeToLocalFileTime
GetFileAttributesA
FileTimeToSystemTime
SystemTimeToFileTime
TlsAlloc
QueryPerformanceFrequency
GetModuleFileNameA
GetComputerNameW
GetTempPathW
MultiByteToWideChar

user32

SetPropW
GetCapture
EnumChildWindows
SetCursor
SystemParametersInfoW
GetWindowPlacement
GetPropW
RemovePropW
GetMenuItemInfoW
GetMenuStringW
GetMenuItemID
IsMenu
GetClassNameW
ReleaseCapture
SetCapture
GetFocus
GetParent
DrawFocusRect
SetWindowPlacement
GetDesktopWindow
BeginPaint
KillTimer
GetWindowTextW
ShowWindow
DialogBoxParamW
MessageBoxW
FindWindowW
GetWindowThreadProcessId
IsWindow
LoadCursorW
SetWindowLongW
PostMessageW
SetForegroundWindow
DefWindowProcW
GetWindowDC
OffsetRect
ClientToScreen
SetRect
DrawTextW
InflateRect
LoadMenuW
LoadAcceleratorsW
SetWindowsHookExW
GetMenuItemCount
GetSubMenu
IsIconic
DrawIcon
DestroyMenu
UnhookWindowsHookEx
TranslateAcceleratorW
CallNextHookEx
GetDlgCtrlID
GetClientRect
GetSystemMetrics
SetWindowPos
GetScrollInfo
CheckDlgButton
IsDlgButtonChecked
DestroyWindow
EnableWindow
CreateDialogParamW
BringWindowToTop
LoadImageW
SetFocus
ScreenToClient
MoveWindow
GetMenu
ModifyMenuW
SetTimer
IsWindowVisible
GetWindowTextLengthW
GetDC
GetWindowRect
ReleaseDC
EndPaint
FillRect
InvalidateRect
EndDialog
SetDlgItemTextW
GetDlgItem
SetWindowTextW
LoadIconW
SendMessageW
MsgWaitForMultipleObjects
CopyImage
CallWindowProcW
GetWindowLongW
TrackMouseEvent
SetWindowRgn
IsWindowEnabled
DrawIconEx
CreateWindowExW
PtInRect
IsZoomed
TrackPopupMenu
SetMenuDefaultItem
EnableMenuItem
RemoveMenu
GetSystemMenu
DestroyIcon
EnumWindows

gdi32

CreatePen
CreateRectRgn
GetPixel
Rectangle
MoveToEx
LineTo
GetStockObject
SetBkMode
SetBkColor
SetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
StretchBlt
SelectObject
DeleteObject
DeleteDC
CreateSolidBrush
SetPixel
ExcludeClipRect
GetObjectW
CreateEllipticRgn
CreatePolygonRgn
CreateFontIndirectW
GetDeviceCaps
RestoreDC
SaveDC
GetTextColor
SelectClipRgn
CreateRectRgnIndirect
BitBlt
GetTextExtentPoint32W

comdlg32

GetSaveFileNameW

shell32

Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
CommandLineToArgvW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

OleSetContainedObject
OleInitialize
CoInitialize
CoUninitialize
OleCreate
CoCreateInstance
CreateStreamOnHGlobal

msimg32

TransparentBlt

iphlpapi

GetTcpTable
GetAdaptersInfo

rpcrt4

UuidCreate

ws2_32

connect
sendto
inet_addr
ntohl
getpeername
getsockname
ntohs
inet_ntoa
send
WSACleanup
accept
ioctlsocket
select
WSAGetLastError
WSASetLastError
WSAStartup
setsockopt
getsockopt
socket
closesocket
__WSAFDIsSet
listen
bind
recv
gethostname
gethostbyname
htonl
htons

advapi32

RegOpenKeyExW
RegDeleteKeyA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegEnumKeyExW
GetUserNameW
RegQueryValueExW
RegCreateKeyExA
RegSetValueExW
RegOpenKeyExA
RegCloseKey

oleaut32

SysStringLen
SysFreeString
VariantInit
SysAllocString
VariantClear
OleLoadPicture

Sections

.text
Size: 752KB - Virtual size: 751KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed384990b3320a1dc646cf825a22714c

Headers

DLL Characteristics

File Characteristics

Imports

wininet

version

comctl32

kernel32

user32

gdi32

comdlg32

shell32

ole32

msimg32

iphlpapi

rpcrt4

ws2_32

advapi32

oleaut32

Sections

.text Size: 752KB - Virtual size: 751KB

.rdata Size: 280KB - Virtual size: 279KB

.data Size: 28KB - Virtual size: 83KB

Size: 60KB - Virtual size: 57KB

.rsrc Size: 132KB - Virtual size: 131KB

.text
Size: 752KB - Virtual size: 751KB

.rdata
Size: 280KB - Virtual size: 279KB

.data
Size: 28KB - Virtual size: 83KB

.rsrc
Size: 132KB - Virtual size: 131KB