88533a73b97e07ec028bcc055e582c8c7800b1a73563330fe14a2692e2bc1a34

Sharing

Copy URL

Twitter E-mail

General

Target

88533a73b97e07ec028bcc055e582c8c7800b1a73563330fe14a2692e2bc1a34
Size

527KB
MD5

46f0df76ee0353a1c3c371fcccf67410
SHA1

8ea5d049bde022b3c7165dd479ee193fe4328a74
SHA256

88533a73b97e07ec028bcc055e582c8c7800b1a73563330fe14a2692e2bc1a34
SHA512

e6dc3317f6008fdaae5ac7208963420c628a3e799854e637102170fd36191cb4d036dfa0a5ea03373b2a049f087e395510143b9437218093e443308a29852371
SSDEEP

12288:xrHBf0Mg8BYA84y2P7uF1IrcL0E/0C3uhggszT8B8:xrHqMgGDy2PKF1IrcL0CFzTw8

Score

N/A

Malware Config

Signatures

Files

88533a73b97e07ec028bcc055e582c8c7800b1a73563330fe14a2692e2bc1a34
.exe windows x86

35daba486e682d0e47cd2b3eb50c2be5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
QueryDosDeviceW
GetLogicalDriveStringsW
GetExitCodeThread
TerminateThread
GetWindowsDirectoryW
GetTickCount
MoveFileExW
lstrcmpW
OutputDebugStringW
GetSystemPowerStatus
SetFilePointerEx
SetEndOfFile
GetFileSizeEx
FlushFileBuffers
GetPrivateProfileStringW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
Process32FirstW
GetSystemDirectoryW
GetTempPathW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
HeapSize
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
RaiseException
Process32NextW
Sleep
TerminateProcess
OpenProcess
GetCurrentProcessId
CreateEventW
CreateThread
ResetEvent
GetLocalTime
SetFileAttributesW
MoveFileW
SetEvent
WaitForSingleObject
WriteFile
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW
GetFileAttributesW
CreateDirectoryW
GetPrivateProfileIntW
CreateFileW
GetFileSize
ReadFile
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
FreeResource
SetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
lstrlenW
lstrlenA
MultiByteToWideChar
GetCurrentThreadId
UnmapViewOfFile
CreateFileMappingW
MapViewOfFileEx
CloseHandle
WideCharToMultiByte
GetVersionExW
GetCurrentProcess
FlushInstructionCache
LoadLibraryW
GetProcAddress
FreeLibrary
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
CreateProcessW

user32

IsChild
RegisterClassExW
SetWindowPos
GetClientRect
LoadCursorW
DefWindowProcW
IsWindow
UnregisterClassA
MapWindowPoints
SystemParametersInfoW
MoveWindow
GetDlgItem
PostMessageW
SendMessageW
GetWindowLongW
DestroyWindow
CreateWindowExW
SetWindowLongW
GetWindowRect
GetWindow
GetParent
InvalidateRect
GetClassInfoExW
CopyRect
InflateRect
IsDialogMessageW
GetFocus
SetForegroundWindow
ShowWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
ReleaseDC
GetDC
CharNextW
LoadImageW
LoadBitmapW
SetActiveWindow
EnableWindow
IsWindowEnabled
GetDesktopWindow
GetActiveWindow
CharLowerA
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
ClientToScreen
SetRectEmpty
PostThreadMessageW
CallWindowProcW
IsWindowVisible
SetFocus
FillRect
DrawTextW
GetDlgCtrlID
PtInRect
SetRect
EqualRect
OffsetRect
SetCursor
DestroyIcon
DrawFrameControl
LoadIconW
DrawIconEx
KillTimer
IntersectRect
ScreenToClient
SetCapture
GetNextDlgTabItem
GetMonitorInfoW
MonitorFromWindow
UpdateLayeredWindow
BeginPaint
EndPaint
ReleaseCapture
GetCursorPos

gdi32

GetTextColor
RectInRegion
GetCurrentObject
TextOutW
GetTextExtentPoint32W
GetObjectA
CreateSolidBrush
GetClipRgn
GetViewportOrgEx
ExtSelectClipRgn
OffsetRgn
CreateRoundRectRgn
SetViewportOrgEx
SetBkMode
CombineRgn
CreateRectRgnIndirect
CreateFontIndirectW
GetObjectW
SetStretchBltMode
CreateCompatibleBitmap
CreateBitmap
BitBlt
StretchBlt
SetTextColor
DeleteDC
CreateCompatibleDC
CreateDIBSection
GetStockObject
SelectObject
CreatePen
DeleteObject
CreateRectRgn
SetBkColor
ExtTextOutW
SaveDC
RestoreDC
SelectClipRgn
RoundRect
Rectangle

advapi32

RegOpenKeyW
OpenSCManagerW
ControlService
QueryServiceStatus
StartServiceW
OpenServiceW
DeleteService
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
CloseServiceHandle
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

ShellExecuteW
SHGetFolderPathW
SHGetSpecialFolderPathW

ole32

CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarUI4FromStr

shlwapi

StrToIntW
StrStrIW
PathFileExistsW
PathAddBackslashW
PathAppendW
PathRemoveFileSpecW
StrToIntA

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

msvcp80

?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z

gdiplus

GdipGetImageGraphicsContext
GdipAddPathStringI
GdipCreateBitmapFromScan0
GdipDeleteFontFamily
GdipDrawPath
GdipSetSmoothingMode
GdipFillPath
GdipAddPathArcI
GdipClosePathFigure
GdipDeletePath
GdipCreatePath
GdipDrawLineI
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipCloneBrush
GdipCreateFontFromLogfontW
GdipCreateFontFromDC
GdipMeasureString
GdipDrawString
GdipFillRectangleI
GdipSetCompositingQuality
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateSolidFill
GdipDeleteFont
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteBrush
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCloneImage
GdipDrawImagePointsRectI
GdipDrawImageRectRect
GdipDrawImageRectI
GdipImageRotateFlip
GdipDrawImageRectRectI
GdipCreateFromHDC
GdipSetImageAttributesColorMatrix
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipGraphicsClear
GdipDrawImageI
GdipCreateFontFromLogfontA
GdipGetFamily
GdipGetFontSize
GdipDrawLinesI
GdipSetPenStartCap
GdipSetPenEndCap
GdipDrawLine
GdipAddPathRectangleI
GdipAddPathPieI
GdipSetClipPath
GdipResetWorldTransform
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipSetTextRenderingHint
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDeleteGraphics
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipAlloc
GdipFree
GdiplusShutdown
GdiplusStartup
GdipSetPenMode

msvcr80

iswspace
wcsrchr
wcspbrk
wcschr
_wcslwr_s
setlocale
wcscpy_s
wcscmp
_waccess
memcpy
labs
wcsncpy_s
malloc
_recalloc
calloc
wcslen
vsprintf_s
_vscprintf
??2@YAPAXI@Z
_mbsicmp
_invalid_parameter_noinfo
memmove_s
memcpy_s
??0exception@std@@QAE@ABV01@@Z
_mbscmp
strlen
__CxxFrameHandler3
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_wtoi
swprintf_s
vswprintf_s
_vscwprintf
strcmp
memset
_CxxThrowException
_purecall
free
??_V@YAXPAX@Z
??3@YAXPAX@Z
tolower
isalpha
isalnum
strncmp
strchr
_beginthreadex
wcscat_s
_mbsstr
_time32
_wrename
wcstok
_mbschr
floor
ceil
wcsspn
wcscspn
abs
__RTDynamicCast
_stricmp
_wcsupr_s
_time64
fwrite
fclose
_wfopen
_vsnprintf
_wcsicmp
wcsstr
_wcsnicmp
wcstol
memmove
fprintf
sscanf_s
atoi
_vsnprintf_s
??0exception@std@@QAE@ABQBD@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_itow_s
towupper
realloc
_scwprintf
_strlwr_s
_ultoa_s
wcsnlen
_get_errno
_set_errno
strtol
_resetstkoflw
_controlfp_s
_invoke_watson
_crt_debugger_hook
isspace
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ

ws2_32

WSASetLastError
WSASocketW
closesocket
WSAStartup
WSACreateEvent
WSASetEvent
WSAEventSelect
WSARecv
WSAResetEvent
WSASend
WSAGetOverlappedResult
WSAConnect
WSAGetLastError
WSAEnumNetworkEvents
WSACloseEvent
WSACleanup
freeaddrinfo
getaddrinfo

Sections

.text
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

35daba486e682d0e47cd2b3eb50c2be5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

msvcp80

gdiplus

msvcr80

ws2_32

Sections

.text Size: 240KB - Virtual size: 239KB

.rdata Size: 63KB - Virtual size: 62KB

.data Size: 6KB - Virtual size: 7KB

.rsrc Size: 212KB - Virtual size: 212KB

.text
Size: 240KB - Virtual size: 239KB

.rdata
Size: 63KB - Virtual size: 62KB

.data
Size: 6KB - Virtual size: 7KB

.rsrc
Size: 212KB - Virtual size: 212KB