Static task: static1
Behavioral task: behavioral1
Sample: 8520990dc105ca64488408ea72279a4524231cfed4ac8bba3f1d7614e56aa62b.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 8520990dc105ca64488408ea72279a4524231cfed4ac8bba3f1d7614e56aa62b.exe
Resource: win10v2004-20220901-en
General
Target: 8520990dc105ca64488408ea72279a4524231cfed4ac8bba3f1d7614e56aa62b
Size: 672KB
MD5: 4e191afe3128fe8f380376946231e850
SHA1: 9b955450ab0566a9a90e405f35d9ed00d68b0ab0
SHA256: 8520990dc105ca64488408ea72279a4524231cfed4ac8bba3f1d7614e56aa62b
SHA512: 2645e3a7a933e131e4ad90d45fa2f1e540c05f8c50c936036a02595fe5759679a04f6e7c414232cb5c73e9868199aac187397bdfec800fb9fe914c3a467db4c2
SSDEEP: 12288:o/eCYZVMIZJm7d3Mtc4sjpa3g0F6ObGVBMUxkxuJpR+8a1toxb:AefZmewRctE1ULbGVBMGAuJpHb
Malware Config
Signatures
Files
-
8520990dc105ca64488408ea72279a4524231cfed4ac8bba3f1d7614e56aa62b.exe windows x86
115efaeaf6f9db0467a10a86fa56741c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetCloseHandle
FtpPutFileW
InternetConnectW
InternetOpenW
psapi
GetModuleInformation
kernel32
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
InterlockedExchange
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetTickCount
SetFileTime
GetFileTime
GetTempFileNameW
GetDiskFreeSpaceW
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
lstrlenA
SetErrorMode
GetFileAttributesExW
LocalFileTimeToFileTime
GetFileSizeEx
GetStartupInfoW
HeapFree
HeapAlloc
UnhandledExceptionFilter
IsDebuggerPresent
UnlockFile
RaiseException
HeapReAlloc
ExitProcess
HeapSize
GetSystemInfo
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetStringTypeExW
MoveFileW
FindFirstFileW
FileTimeToLocalFileTime
FindNextFileW
FindClose
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GlobalGetAtomNameW
InterlockedDecrement
InterlockedIncrement
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
lstrlenW
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
VirtualAlloc
VirtualFree
SetThreadContext
FlushInstructionCache
VirtualProtect
InterlockedCompareExchange
VirtualQuery
CreateFileW
CreateDirectoryW
GetTempPathW
OutputDebugStringA
GetVersionExA
ReadProcessMemory
ResumeThread
GetThreadContext
SuspendThread
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
GetFileAttributesW
GetCurrentThreadId
WriteProfileStringW
GetProfileStringW
GetVersionExW
WinExec
FreeLibrary
GetModuleHandleW
SetLastError
WideCharToMultiByte
GetEnvironmentVariableW
GetShortPathNameW
WaitForSingleObject
WritePrivateProfileStringW
GetLastError
WritePrivateProfileStringA
Thread32Next
TerminateThread
Thread32First
OpenThread
SetFileAttributesW
VirtualProtectEx
SetUnhandledExceptionFilter
GetCurrentThread
GetModuleHandleA
Process32NextW
Process32FirstW
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
OutputDebugStringW
DeleteFileW
TerminateProcess
Sleep
CreateProcessW
GetPrivateProfileStringW
GetPrivateProfileIntW
LockResource
GetCurrentProcessId
GetCurrentProcess
LoadLibraryW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
GetProcAddress
CreateThread
CloseHandle
RtlUnwind
user32
SetWindowRgn
LoadCursorW
GetSysColorBrush
UnregisterClassW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
MapDialogRect
SetWindowContextHelpId
DestroyIcon
GetNextDlgGroupItem
MessageBeep
UnionRect
UnpackDDElParam
ReuseDDElParam
SetCursor
LoadAcceleratorsW
InsertMenuItemW
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
CopyAcceleratorTableW
SetRect
IsRectEmpty
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
TranslateMessage
GetActiveWindow
ValidateRect
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
DrawIcon
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
CopyRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
CloseWindow
SetClassLongW
CallWindowProcW
PeekMessageW
GetDesktopWindow
UnhookWindowsHookEx
SetWindowsHookExW
UpdateWindow
WindowFromPoint
ScreenToClient
CallNextHookEx
PtInRect
GetClientRect
LoadMenuA
GetMenuItemID
GetMenuStringW
GetMenuItemCount
AppendMenuW
GetSubMenu
LoadMenuW
SetWindowLongW
ShowOwnedPopups
RegisterClipboardFormatW
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
CharUpperW
KillTimer
SetTimer
ClientToScreen
IsChild
GetSystemMetrics
GetWindowLongW
SetFocus
GetKeyState
GetFocus
GetParent
GetWindowRect
GetCursorPos
LoadImageW
LoadIconW
CreatePopupMenu
IsWindow
CharNextW
wsprintfW
EnumChildWindows
GetWindowTextA
ShowWindow
GetWindowTextW
MessageBoxW
PostThreadMessageW
PostMessageW
GetClassNameW
FindWindowExW
SetWindowPos
GetWindowThreadProcessId
GetForegroundWindow
GetMessageA
GetMessageW
EnableWindow
SendMessageW
RegisterWindowMessageW
GetMessagePos
IsZoomed
GetScrollRange
GetMenuState
gdi32
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
TextOutW
PtVisible
CreateSolidBrush
CreateEllipticRgn
LPtoDP
Ellipse
GetTextColor
GetMapMode
GetStockObject
RectVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetBkColor
StretchDIBits
DeleteDC
CreateFontW
GetCharWidthW
DeleteObject
GetTextMetricsW
SelectObject
CreateCompatibleBitmap
GetTextExtentPoint32W
ExtTextOutW
BitBlt
CreateCompatibleDC
CreateFontIndirectW
GetRgnBox
CreateRectRgnIndirect
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegCreateKeyW
GetFileSecurityW
SetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegQueryValueExW
RegSetValueW
GetUserNameA
RegEnumKeyExW
RegQueryValueExA
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
shell32
SHGetSpecialFolderPathW
DragFinish
DragQueryFileW
SHGetFileInfoW
ExtractIconW
ShellExecuteW
shlwapi
StrStrIW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
SHGetValueW
PathFileExistsW
PathRemoveFileSpecW
oledlg
OleUIBusyW
ole32
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateInstance
CLSIDFromString
CoTaskMemFree
StringFromCLSID
CoCreateGuid
CLSIDFromProgID
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoUninitialize
CoInitializeEx
CoTaskMemAlloc
oleaut32
SafeArrayUnaccessData
SysAllocString
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
OleCreateFontIndirect
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
VariantClear
SysAllocStringLen
VariantChangeType
VariantInit
SysStringLen
urlmon
URLDownloadToFileW
CoInternetSetFeatureEnabled
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW
ws2_32
gethostbyname
inet_addr
gethostbyaddr
inet_ntoa
WSCDeinstallProvider
WSAStartup
Sections
.text Size: 384KB - Virtual size: 383KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 108KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 165KB - Virtual size: 165KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ