Static task: static1
Behavioral task: behavioral1
    Sample: 9970374569138d843c4142feb3cfecfdca851c4a54ab216b0136f29d8be3f040.exe
    Resource: win7-20220812-en
Behavioral task: behavioral2
    Sample: 9970374569138d843c4142feb3cfecfdca851c4a54ab216b0136f29d8be3f040.exe
    Resource: win10v2004-20220812-en
General
Target: 9970374569138d843c4142feb3cfecfdca851c4a54ab216b0136f29d8be3f040
Size: 424KB
MD5: 684f76ba06495fb4c25d961c5ad6fee0
SHA1: 901c8cc1d55e639cceeaa7ffd39181d9188eb534
SHA256: 9970374569138d843c4142feb3cfecfdca851c4a54ab216b0136f29d8be3f040
SHA512: 5742f27dd8407f4288a0529b228b266ecd307df8f5152b1434186a5ff8bdb695921365ad8d153e5fb10fbcbf303cae2f198a9ecc77e2f14cd3ec861bef49c628
SSDEEP: 6144:eRDpc2Ia/sSyd8unLDckpWF5agfRia8Q/kSVmRm4ljslSG0Or3p8FTfrG4ytN:qDp3IabUlpWFAgc/W4lUSG9m6tN
Malware Config
Signatures
Files
- 9970374569138d843c4142feb3cfecfdca851c4a54ab216b0136f29d8be3f040.exe windows x86 0b50de6fdb273867d81af53b7e9da690
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetCursor
InvalidateRgn
PostMessageA
CopyRect
DrawTextA
InflateRect
DrawFrameControl
MapDialogRect
DrawIcon
InvalidateRect
UpdateWindow
GetWindowDC
SetWindowRgn
GetDesktopWindow
IsWindowEnabled
EnableWindow
GetClientRect
SetForegroundWindow
CreateDialogIndirectParamA
SetActiveWindow
PostThreadMessageA
ScrollDC
CopyIcon
MapVirtualKeyA
GetKeyNameTextA
GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
ChangeDisplaySettingsW
TranslateAcceleratorW
PostThreadMessageW
HiliteMenuItem
GetCapture
EmptyClipboard
GetCaretBlinkTime
CallMsgFilterA
ChangeMenuW
InsertMenuA
GetWindow
GetSysColor
GetWindowModuleFileNameA
DrawFocusRect
RegisterWindowMessageW
SetRect
DrawIconEx
DestroyIcon
PtInRect
GetMenuStringW
GetSubMenu
GetMenuItemID
GetMenuItemCount
DrawTextExW
GrayStringW
TabbedTextOutW
GetLastActivePopup
GetMessagePos
GetMessageTime
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
IsChild
GetDlgCtrlID
GetKeyState
GetMenu
SetMenu
TrackPopupMenuEx
ValidateRect
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
AdjustWindowRectEx
SetWindowLongW
GetClassLongW
GetTopWindow
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
WinHelpW
MonitorFromWindow
IsDialogMessageW
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
CreateDialogIndirectParamW
GetActiveWindow
SetWindowContextHelpId
WindowFromPoint
DestroyMenu
CharUpperW
RealChildWindowFromPoint
CharNextW
CopyAcceleratorTableW
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
LoadStringW
GetForegroundWindow
PeekMessageW
LoadBitmapW
GetSysColorBrush
GetNextDlgTabItem
GetAsyncKeyState
EqualRect
NotifyWinEvent
DestroyCursor
SetRectEmpty
RedrawWindow
IsWindowVisible
SetParent
ClientToScreen
AppendMenuW
CreatePopupMenu
GetFocus
SetCapture
ReleaseCapture
SetCursor
GetCursorPos
ExitWindowsEx
OffsetRect
FindWindowW
GetWindowLongW
GetClassNameW
GetSystemMenu
GetWindowThreadProcessId
AllowSetForegroundWindow
MessageBoxW
PostMessageW
UnregisterClassW
DispatchMessageW
GetMessageW
SetWindowTextW
SendMessageW
CreateWindowExW
RegisterClassExW
LoadIconW
LoadCursorW
DefWindowProcW
PostQuitMessage
KillTimer
DrawTextW
SetTimer
GetSystemMetrics
MoveWindow
EndDialog
LoadIconA
GetDlgItem
SendMessageA
SetDlgItemTextA
SetWindowLongA
DialogBoxIndirectParamA
CharUpperA
WaitForInputIdle
wsprintfA
GetWindowRect
GetWindowLongA
ShowWindow
IntersectRect
SetWindowTextA
RegisterClassExA
CreateWindowExA
GetClassNameA
GetDialogBaseUnits
EnumChildWindows
CallWindowProcA
CharLowerBuffA
GetDlgItemTextA
SetFocus
IsDlgButtonChecked
CheckDlgButton
BeginPaint
EndPaint
FillRect
ScreenToClient
GetParent
SystemParametersInfoA
MapWindowPoints
SetWindowPos
GetWindowTextLengthA
GetWindowTextA
GetWindowPlacement
SendDlgItemMessageA
DefWindowProcA
GetPropA
EnableMenuItem
SetPropA
RemovePropA
IsWindow
IsDialogMessageA
TranslateMessage
LoadImageA
CreateDialogParamA
GetDC
ReleaseDC
GetMessageA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
GetWindowInfo
shell32
ExtractIconA
ShellExecuteExW
SHCreateDirectoryExW
SHGetSpecialFolderLocation
DragFinish
FindExecutableA
DoEnvironmentSubstW
ExtractIconExA
FindExecutableW
ExtractIconExW
DragAcceptFiles
SHGetFileInfoA
ShellExecuteExA
SHChangeNotify
DragQueryFileA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteW
oledlg
OleUIBusyW
ole32
StringFromIID
CoInitialize
CoInitializeEx
CoUninitialize
CoCreateInstance
StringFromCLSID
ProgIDFromCLSID
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateGuid
CoRevokeClassObject
CoRegisterClassObject
GetRunningObjectTable
OleGetIconOfFile
CoReleaseMarshalData
CoMarshalInterThreadInterfaceInStream
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoGetObject
OleCreateLink
OleCreateFromFile
StgIsStorageFile
CoGetInterfaceAndReleaseStream
advapi32
ClearEventLogW
RegQueryValueW
RegQueryInfoKeyW
RegEnumValueW
ControlService
StartServiceW
CreateServiceW
CloseServiceHandle
QueryServiceStatus
OpenServiceW
OpenSCManagerW
InitiateSystemShutdownExW
LookupPrivilegeValueW
RegDeleteKeyW
RegEnumKeyW
RegDeleteValueW
RegCreateKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAce
InitializeAcl
GetLengthSid
RegEnumKeyExW
RegQueryValueA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
GetUserNameA
RegOpenKeyA
RegQueryInfoKeyA
GetFileSecurityA
RegCreateKeyA
LookupPrivilegeDisplayNameW
UnlockServiceDatabase
ObjectDeleteAuditAlarmA
EqualSid
SetFileSecurityA
RegReplaceKeyW
AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
GetTokenInformation
LookupPrivilegeValueA
OpenProcessToken
OpenThreadToken
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegFlushKey
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
DecryptFileW
RegSetValueA
RegEnumKeyA
gdi32
RealizePalette
Polyline
PlayEnhMetaFile
PatBlt
MoveToEx
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPointA
GetTextExtentPoint32W
GetTextExtentPoint32A
GetSystemPaletteEntries
RectVisible
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectA
GetNearestPaletteIndex
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
ExtTextOutW
ExtTextOutA
ExcludeClipRect
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
BitBlt
Chord
ColorCorrectPalette
CreateColorSpaceW
AbortPath
AnimatePalette
BeginPath
CombineTransform
AddFontResourceExA
AngleArc
CreateDCW
CombineRgn
Rectangle
RestoreDC
SaveDC
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWinMetaFileBits
SetWindowOrgEx
StretchBlt
StretchDIBits
UnrealizeObject
SetMapMode
CreateRectRgn
TextOutA
SetWindowExtEx
SetViewportExtEx
PlayMetaFile
SelectClipRgn
SetMetaFileBitsEx
DeleteMetaFile
CreatePatternBrush
CreateDCA
CreateRoundRectRgn
CreatePen
GetTextExtentExPointW
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
TextOutW
ExtSelectClipRgn
PtVisible
GetWindowExtEx
GetViewportExtEx
Escape
GetObjectW
Ellipse
GetTextMetricsW
CreateFontIndirectW
SetDIBits
GetCurrentObject
GetMapMode
LPtoDP
GetBkColor
DPtoLP
EnumFontFamiliesW
GetTextColor
SetBitmapBits
GetStockObject
MaskBlt
comctl32
ImageList_Create
ImageList_Destroy
ImageList_GetImageCount
ImageList_SetImageCount
ImageList_Add
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_Draw
ImageList_Replace
ImageList_DrawEx
ImageList_Remove
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_Read
ImageList_Write
ImageList_GetIconSize
ImageList_SetIconSize
_TrackMouseEvent
ImageList_AddMasked
PropertySheetA
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_GetImageInfo
InitCommonControlsEx
ord17
shlwapi
PathIsUNCW
PathFindExtensionW
PathAddBackslashW
PathStripToRootW
PathFileExistsW
PathFindFileNameW
PathAppendW
PathIsRootW
winspool.drv
OpenPrinterW
EnumPrinterDriversA
ClosePrinter
EnumMonitorsA
DocumentPropertiesW
kernel32
TerminateThread
WriteProfileStringA
GetVersionExA
ResumeThread
GetProfileStringA
GetTempFileNameA
SetEvent
GetWindowsDirectoryA
GetFileAttributesA
GetFullPathNameA
CloseHandle
CreateEventA
CopyFileA
GlobalFree
GetExitCodeThread
ReadFile
GlobalLock
GlobalUnlock
GetFileSize
GlobalAlloc
FindResourceExA
VirtualProtect
GetSystemTimeAsFileTime
FindResourceA
GetTickCount
Sleep
lstrcatA
GetModuleHandleA
LocalFree
GetSystemDirectoryA
lstrcmpA
lstrcmpiA
CreateProcessA
WaitForSingleObject
lstrcpynA
GetVersion
WriteFile
GetLastError
GetACP
lstrcpyA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
LoadLibraryA
CreateFileA
MulDiv
FreeLibrary
GetProcAddress
DeleteFileA
GetModuleFileNameA
GetTempPathA
lstrlenA
LoadLibraryExW
GetFileAttributesW
GlobalDeleteAtom
MultiByteToWideChar
GlobalAddAtomA
GlobalGetAtomNameA
GlobalFindAtomA
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
FlushFileBuffers
LockFile
SetFilePointer
SetEndOfFile
MoveFileA
UnlockFile
FindFirstFileA
GetVolumeInformationA
FindClose
GetThreadLocale
GetShortPathNameA
GetStringTypeExA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetLastError
DeleteCriticalSection
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
SuspendThread
GetProfileIntA
SetThreadPriority
GetCurrentDirectoryA
lstrlenW
GetCurrentThread
GetFileTime
GetDiskFreeSpaceA
SetFileTime
FileTimeToLocalFileTime
TlsAlloc
FileTimeToSystemTime
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
TlsGetValue
TlsSetValue
GetProcessVersion
GetCPInfo
GlobalFlags
LocalFileTimeToFileTime
SystemTimeToFileTime
GetOEMCP
SetErrorMode
lstrcpyW
RtlUnwind
GlobalSize
HeapAlloc
GetTimeZoneInformation
HeapFree
GetLocalTime
GetStartupInfoA
GetSystemTime
ExitProcess
RaiseException
GetCommandLineA
ExitThread
HeapReAlloc
CreateThread
SetStdHandle
GetFileType
TerminateProcess
GetEnvironmentVariableA
HeapDestroy
HeapSize
VirtualFree
VirtualAlloc
HeapCreate
FatalAppExitA
LCMapStringA
IsBadWritePtr
SetHandleCount
GetStdHandle
LCMapStringW
CompareStringW
UnhandledExceptionFilter
CompareStringA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeA
GetStringTypeW
GetEnvironmentStringsW
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
SetEnvironmentVariableA
AddAtomA
RemoveDirectoryA
SetThreadContext
FlushInstructionCache
WriteProcessMemory
VirtualProtectEx
GetThreadContext
QueryPerformanceFrequency
CreateMutexA
ReleaseMutex
GetPrivateProfileSectionNamesA
GetSystemDefaultLangID
GetSystemInfo
MoveFileExA
QueryPerformanceCounter
ResetEvent
VirtualQuery
FindNextFileA
SearchPathA
GetCurrentProcessId
FreeResource
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetFileAttributesA
LoadLibraryExA
CreateDirectoryA
GetExitCodeProcess
GetDriveTypeA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetConsoleMode
GetConsoleCP
GetStartupInfoW
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
SetEnvironmentVariableW
CreateFileMappingW
QueryDosDeviceW
GetCurrentDirectoryW
GetDriveTypeW
GetFileInformationByHandle
GetProcessAffinityMask
GlobalMemoryStatusEx
GetSystemDirectoryW
GetShortPathNameW
ExpandEnvironmentStringsW
GetProcessHeap
ReleaseSemaphore
CreateSemaphoreW
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileW
GetCommandLineW
DeviceIoControl
FormatMessageW
LoadLibraryW
SetFileAttributesW
CreateHardLinkW
OutputDebugStringW
GetEnvironmentVariableW
CreateProcessW
DeleteFileW
MoveFileExW
CreateDirectoryW
FindFirstFileW
FindNextFileW
RemoveDirectoryW
FindResourceW
CreateEventW
GetModuleFileNameW
GetVersionExW
GetWindowsDirectoryW
GetLocaleInfoW
IsProcessorFeaturePresent
GetModuleHandleExW
GetFileAttributesExW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetVolumeInformationW
GlobalFindAtomW
SwitchToThread
GetPrivateProfileIntW
WritePrivateProfileStringW
CreateMutexW
GetFullPathNameW
lstrcpynW
DosDateTimeToFileTime
WaitForMultipleObjects
GetDateFormatW
GetTimeFormatW
EnumSystemLocalesW
ReadConsoleW
MoveFileW
GetTempPathW
GetTempFileNameW
lstrcmpW
FindResourceExW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
OpenProcess
GetPrivateProfileStringW
GlobalAddAtomW
OutputDebugStringA
InterlockedIncrement
InterlockedDecrement
FormatMessageA
FindFirstVolumeA
GetAtomNameA
GetModuleHandleW
LocalAlloc
Sections
.text Size: 154KB - Virtual size: 153KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 177KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 234KB - Virtual size: 233KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
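The report above ends with the raw import table and section headers and records no signatures or extracted config. The way a triager reads such a listing is to cluster imports into capabilities (process injection, service control, privilege adjustment, event-log clearing, shutdown, registry persistence) and to look for section layouts that differ from a plainly compiled binary, here the .data section with a 6KB raw size but a 177KB virtual size. The script below is an added example that does exactly that over an excerpt of this page's data; it is not part of the sandbox output, and its rules are a small constructed subset of the kind of matching that tools such as capa do. The import list is an excerpt from the listing above, the section sizes are the rounded KB values the report shows, and the capability names and thresholds are the example's own choices. A cluster hit is evidence of capability, not a verdict: most of the user32/gdi32/ole32 surface here is ordinary for a GUI application, and a large uninitialised .data region is also common in benign programs, so the findings are pointers for the behavioral tasks, not conclusions.

```python
"""Static triage over a PE import list and section table (added example).

The rules and sample data are constructed for illustration from the
listing on this page; they are not the sandbox's own logic or output.
"""
from dataclasses import dataclass

# rule name -> (imports that must ALL be present, imports of which at least
# ONE must be present).  Names are compared after normalize(), so the
# ANSI/Unicode A/W variants of an API match the same rule.
CAPABILITY_RULES = {
    "process-injection (write + hijack thread)": (
        {"writeprocessmemory"},
        {"setthreadcontext", "createremotethread", "queueuserapc"}),
    "service-control (install/start service)": (
        {"openscmanager", "createservice"},
        {"startservice", "controlservice"}),
    "privilege-escalation (enable token privilege)": (
        {"openprocesstoken", "adjusttokenprivileges"},
        {"lookupprivilegevalue"}),
    "anti-analysis (debugger check)": ({"isdebuggerpresent"}, set()),
    "log-tampering (clear event log)": ({"cleareventlog"}, set()),
    "system-shutdown": (set(), {"initiatesystemshutdownex", "exitwindowsex"}),
    "persistence (registry write)": (
        {"regsetvalueex"}, {"regcreatekeyex", "regcreatekey"}),
}


def normalize(name: str) -> str:
    """Lower-case an import name and drop a trailing A/W suffix.

    Heuristic: the suffix is stripped only when the preceding character is
    not upper-case, so GetACP stays GetACP while ClearEventLogW becomes
    cleareventlog.  Names such as CreateDCW are deliberately left alone.
    """
    n = name.strip()
    if len(n) > 1 and n[-1] in "AW" and not n[-2].isupper():
        n = n[:-1]
    return n.lower()


def match_capabilities(imports, rules=CAPABILITY_RULES):
    """Return the rule names satisfied by the given import names."""
    names = {normalize(i) for i in imports}
    hits = []
    for rule, (required, supporting) in rules.items():
        if not required <= names:
            continue
        if supporting and not (supporting & names):
            continue
        hits.append(rule)
    return hits


@dataclass(frozen=True)
class Section:
    name: str
    raw_size: int       # bytes on disk (SizeOfRawData)
    virtual_size: int   # bytes when mapped (VirtualSize)
    flags: frozenset    # IMAGE_SCN_* characteristics


def section_findings(sections, ratio_threshold=4.0):
    """Flag section layouts worth a second look; none of them is a verdict."""
    findings = []
    for s in sections:
        if {"IMAGE_SCN_MEM_WRITE", "IMAGE_SCN_MEM_EXECUTE"} <= s.flags:
            findings.append((s.name, "writable and executable section"))
        if s.raw_size == 0 and s.virtual_size:
            findings.append((s.name, "no data on disk, filled at runtime"))
        elif s.raw_size and s.virtual_size / s.raw_size >= ratio_threshold:
            findings.append((s.name, f"virtual size {s.virtual_size // 1024}KB "
                             f"vs raw size {s.raw_size // 1024}KB: large "
                             "uninitialised region, compare with a memory dump"))
    return findings


# Constructed excerpt of the import table shown on this page.
SAMPLE_IMPORTS = [
    "WriteProcessMemory", "SetThreadContext", "GetThreadContext",
    "VirtualProtectEx", "FlushInstructionCache", "IsDebuggerPresent",
    "CreateProcessA", "CreateProcessW", "ClearEventLogW", "OpenSCManagerW",
    "OpenServiceW", "CreateServiceW", "StartServiceW", "ControlService",
    "InitiateSystemShutdownExW", "OpenProcessToken", "AdjustTokenPrivileges",
    "LookupPrivilegeValueW", "RegCreateKeyExW", "RegSetValueExW",
    "ExitWindowsEx", "MessageBoxW",
]

# Section table from this page; the report gives sizes rounded to KB.
SAMPLE_SECTIONS = [
    Section(".text", 154 * 1024, 153 * 1024, frozenset(
        {"IMAGE_SCN_CNT_CODE", "IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_READ"})),
    Section(".rdata", 29 * 1024, 28 * 1024, frozenset(
        {"IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ"})),
    Section(".data", 6 * 1024, 177 * 1024, frozenset(
        {"IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ", "IMAGE_SCN_MEM_WRITE"})),
    Section(".rsrc", 234 * 1024, 233 * 1024, frozenset(
        {"IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ"})),
]


def triage(imports=SAMPLE_IMPORTS, sections=SAMPLE_SECTIONS):
    """Combine both checks into one report dictionary."""
    return {"capabilities": match_capabilities(imports),
            "sections": section_findings(sections)}


if __name__ == "__main__":
    for key, value in triage().items():
        print(key)
        for item in value:
            print("  ", item)
```

On this page's data the script reports all seven capability clusters and flags only .data for its raw/virtual size gap. The next step a practitioner takes is to check the two behavioral tasks for whether any of those clusters is actually exercised (a service created, a process written to, the event log cleared); an import is only a possibility until execution shows it used.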