Sample: 89539f5b5490934583df1c43ab57f9e2b4987653756751b0aa245ed62ed73782.exe
Resource: win7-20220812-en
General
Target: 89539f5b5490934583df1c43ab57f9e2b4987653756751b0aa245ed62ed73782
Size: 4.3MB
MD5: 625b1d5402f76b0dfabfbd7574f7b22b
SHA1: 9bef354bf0e3b06c057b46898ce0cbd0d8d8adb3
SHA256: 89539f5b5490934583df1c43ab57f9e2b4987653756751b0aa245ed62ed73782
SHA512: 9d8bf19e80a20e9fce510ac8bf24b3b33e7fe81b101c82c404dfd326c82823f86c364cb4e07c344afde66cc938f761450ee874821ec3fedf56a807602ac2f988
SSDEEP: 49152:yd6cMSbQGUVeu6kYow+wl78BR+PdQ2qTtMf9c3q/BU0h850+S1a61sjjwinkzNrv:yMM0zWoNqdQZMF5Xt1dxrv
Files
89539f5b5490934583df1c43ab57f9e2b4987653756751b0aa245ed62ed73782.exe (windows x86)
e9b7bd120793bf43b15fde6080de3243
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WritePrivateProfileStringW
GetProfileIntW
GetVersionExW
MoveFileW
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
FileTimeToSystemTime
GlobalFlags
FileTimeToLocalFileTime
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetSystemTimeAsFileTime
ExitProcess
GetCPInfo
HeapReAlloc
GetFileAttributesA
GetCurrentThread
GetDateFormatA
GetDriveTypeW
ExitThread
GetFileType
MoveFileA
DeleteFileA
CreateProcessA
SetStdHandle
HeapSize
VirtualProtect
GetSystemInfo
VirtualQuery
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
GetConsoleCP
GetConsoleMode
GetOEMCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
SetEnvironmentVariableA
SetEnvironmentVariableW
CreatePipe
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
SuspendThread
GetCurrentThreadId
SetThreadPriority
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
OpenSemaphoreA
CreateSemaphoreA
SearchPathA
LocalAlloc
SystemTimeToFileTime
GetSystemTime
DeviceIoControl
GetPrivateProfileIntA
GetPrivateProfileStringA
FindClose
FindNextFileA
FindNextFileW
FindFirstFileA
VirtualFree
VirtualAlloc
GetDriveTypeA
GetVolumeInformationA
GetProcessTimes
GetEnvironmentVariableW
GetCommandLineW
GetWindowsDirectoryA
CreateEventA
SetHandleInformation
SetErrorMode
OutputDebugStringA
GetVersion
GetFileAttributesW
SetEvent
WaitForMultipleObjects
ResetEvent
CreateEventW
CreateThread
ResumeThread
SwitchToThread
TerminateThread
TlsFree
TlsAlloc
GetEnvironmentVariableA
QueryPerformanceFrequency
QueryPerformanceCounter
LocalFree
FormatMessageW
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
GetCurrentProcessId
CreateMutexA
ReleaseMutex
ReleaseSemaphore
InterlockedCompareExchange
lstrcpynW
lstrcpyW
GetThreadPriority
WaitForSingleObject
Sleep
GetACP
lstrlenA
GetDateFormatW
GetTimeFormatW
lstrlenW
LoadLibraryA
FreeLibrary
IsValidCodePage
IsDBCSLeadByteEx
GetFullPathNameW
GetFullPathNameA
GetVersionExA
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetTickCount
GetCurrentDirectoryW
GetCurrentDirectoryA
ReadFile
GetStdHandle
GetCurrentProcess
DuplicateHandle
CreateFileA
CreateDirectoryW
FindFirstFileW
WideCharToMultiByte
GetModuleFileNameW
FreeResource
GetLocalTime
CreateFileW
GetFileSize
WriteFile
SetFilePointer
CloseHandle
CreateSemaphoreW
GlobalFree
GetLastError
SetLastError
GetProcAddress
GetModuleHandleW
LoadLibraryW
DeleteFileW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
GetTimeFormatA
SizeofResource
user32
RegisterClipboardFormatW
PostThreadMessageW
CharUpperW
MsgWaitForMultipleObjects
SetWindowContextHelpId
MapDialogRect
DestroyMenu
CreateDialogIndirectParamW
GetNextDlgTabItem
GetWindowThreadProcessId
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsWindowEnabled
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetScrollRange
GetScrollPos
SetForegroundWindow
CreateWindowExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
GetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckMenuItem
CallNextHookEx
GetMessageW
PeekMessageW
ValidateRect
GetMenuState
DialogBoxIndirectParamA
CreateDialogIndirectParamA
MoveWindow
SetWindowTextA
SetFocus
GetActiveWindow
GetQueueStatus
UnregisterClassA
MessageBoxA
EndDialog
GetDlgItemTextA
GetDlgItemTextW
SetDlgItemTextA
GetWindowLongA
SendMessageA
GetDlgItem
wsprintfA
GetAsyncKeyState
GetMessagePos
ScreenToClient
GetCursorPos
DrawIconEx
DestroyIcon
ClientToScreen
PostMessageW
LoadImageW
GetSysColor
SetParent
MessageBeep
MapWindowPoints
GetFocus
GetCapture
LoadBitmapW
PtInRect
GetParent
RedrawWindow
FrameRect
FillRect
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
OffsetRect
CopyRect
UnregisterClassW
GetClassInfoExW
GetSysColorBrush
IsWindow
GetDesktopWindow
LoadStringW
LoadCursorW
SetCursor
InsertMenuW
GetMenuItemID
IsWindowVisible
LoadAcceleratorsW
InflateRect
GetKeyState
GetSystemMetrics
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
InvalidateRect
GetWindowRect
IsIconic
GetSystemMenu
GetMenu
ModifyMenuW
EnableMenuItem
AppendMenuW
DrawIcon
FindWindowW
BringWindowToTop
ShowWindow
SetWindowLongW
MessageBoxW
GetSubMenu
GetMenuItemCount
ReleaseCapture
LoadIconW
EnableWindow
SetCapture
KillTimer
SetTimer
UpdateWindow
ReleaseDC
GetDC
GetClientRect
SendMessageW
SetWindowsHookExW
gdi32
GetStockObject
CreatePen
CreateFontIndirectW
GetMapMode
DPtoLP
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateCompatibleDC
SetMapMode
SetStretchBltMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateRectRgnIndirect
CopyMetaFileW
GetDeviceCaps
BitBlt
Rectangle
CreateCompatibleBitmap
GetBkColor
GetStretchBltMode
CreateDIBPatternBrushPt
CreateSolidBrush
DeleteObject
CreateDIBSection
DeleteDC
GetTextExtentPoint32W
GetObjectW
StretchBlt
SelectObject
msimg32
TransparentBlt
comdlg32
GetOpenFileNameA
GetFileTitleW
GetOpenFileNameW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegSetValueExA
RegCreateKeyExW
RegQueryValueW
RegDeleteKeyW
GetUserNameW
GetUserNameA
RegSetValueExW
RegQueryValueExW
RegCreateKeyExA
RegEnumValueA
RegDeleteValueA
RegOpenKeyExW
RegOverridePredefKey
RegEnumKeyW
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyW
shell32
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW
DragQueryFileW
comctl32
ord17
shlwapi
PathRemoveFileSpecW
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoInitialize
CoRevokeClassObject
CoCreateInstance
CoRegisterMessageFilter
OleFlushClipboard
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoUninitialize
OleIsCurrentClipboard
oleaut32
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen
SysFreeString
winmm
timeEndPeriod
timeBeginPeriod
timeKillEvent
timeSetEvent
timeGetTime
netapi32
Netbios
ws2_32
gethostbyaddr
gethostbyname
gethostname
ntohl
ntohs
setsockopt
ioctlsocket
send
recv
getprotobyname
htons
socket
connect
select
__WSAFDIsSet
getsockopt
closesocket
WSAStartup
WSAGetLastError
WSACleanup
inet_addr
inet_ntoa
htonl
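The 32-hex value printed under Files beside the filename is, in this report layout, the import hash (imphash); that it is an imphash is an assumption here, since the page does not label it. An imphash is the MD5 of the normalized, comma-joined "module.function" list taken from the import table in on-disk order, which is why the module names above appear lower-cased, why the .dll suffix is gone but winspool.drv keeps its extension, and why comctl32 shows ord17. The block below is an added example, not the sandbox's code: it reimplements the pefile normalization rules with the standard library only. SAMPLE_IMPORTS is a constructed subset of the table above in the order the report lists it, so it will not reproduce the reported value; the partial ORDINAL_NAMES table is assumed from the public Winsock and OLE export lists.

```python
"""Import hash (imphash) computed the way pefile computes it, stdlib only.

Added example. SAMPLE_IMPORTS is a CONSTRUCTED subset of the report's import
table; the sandbox hashed the complete table in the binary's own order, so this
subset cannot reproduce the reported value.
"""
import hashlib

# pefile resolves ordinals to names only for a few modules (ws2_32, oleaut32, ...);
# everything else is rendered as "ordN". Partial table, assumed from public export lists.
ORDINAL_NAMES = {
    "ws2_32": {4: "connect", 23: "socket"},
    "oleaut32": {2: "SysAllocString", 6: "SysFreeString"},
}

SAMPLE_IMPORTS = [  # (module as named in the import directory, [name or ordinal, ...])
    ("KERNEL32.dll", ["IsDebuggerPresent", "VirtualProtect", "CreateProcessA",
                      "LoadLibraryA", "GetProcAddress"]),
    ("winspool.drv", ["OpenPrinterW", "DocumentPropertiesW", "ClosePrinter"]),
    ("comctl32.dll", [17]),                       # import by ordinal, as in the report
    ("WS2_32.dll", [23, "connect", "send", "recv"]),
]


def normalize_module(dll):
    """Lower-case the module and drop only a .dll/.ocx/.sys suffix (winspool.drv keeps its)."""
    lib = dll.lower()
    base, dot, ext = lib.rpartition(".")
    return base if dot and ext in ("dll", "ocx", "sys") else lib


def imphash_string(imports):
    """The comma-joined 'module.function' list that gets hashed; handy for diffing two samples."""
    parts = []
    for dll, funcs in imports:
        lib = normalize_module(dll)
        for f in funcs:
            if isinstance(f, int):  # ordinal import: named only for the known modules
                f = ORDINAL_NAMES.get(lib, {}).get(f, f"ord{f}")
            parts.append(f"{lib}.{f.lower()}")
    return ",".join(parts)


def imphash(imports):
    """MD5 of the normalized string: the 32-hex value sandboxes report."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


if __name__ == "__main__":
    print(imphash_string(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

Order matters: the same functions imported in a different sequence hash differently, which is what lets imphash cluster builds of one toolchain or protector while a re-linked or repacked copy drifts away from the cluster.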
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.textidx Size: 696KB - Virtual size: 694KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
CONST Size: 4KB - Virtual size: 80B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 764KB - Virtual size: 760KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 348KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TORQ_CX_ Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fnp_dir Size: 4KB - Virtual size: 116B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fnp_mar Size: 4KB - Virtual size: 1B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 296KB - Virtual size: 292KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rtextid Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
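Two things in the section table above deserve a second look before any behavioral work: .text and .rtextid carry IMAGE_SCN_MEM_WRITE together with IMAGE_SCN_MEM_EXECUTE (writable code, typical of self-modifying code or a protector stub), .rdata is writable, and .data has a 1.5MB virtual size against 348KB on disk, so roughly 1.2MB is zero-filled at load and may be written at runtime. IMAGE_FILE_RELOCS_STRIPPED in the file header means the image carries no relocations and cannot be rebased. The block below is an added example, not the sandbox's code: it parses a PE section table with the standard library only and applies those checks. build_sample_image() returns a constructed header-only PE that mirrors six of the sections above with approximated sizes; it is not the analysed binary.

```python
"""Parse a PE section table and flag section layouts worth a second look.

Added example, stdlib only. build_sample_image() is a CONSTRUCTED, header-only
PE mirroring the report's section layout (sizes approximated), not the sample.
"""
import struct
from dataclasses import dataclass

# IMAGE_SECTION_HEADER.Characteristics bits (winnt.h)
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
# IMAGE_FILE_HEADER.Characteristics bits
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
FILE_FLAG_NAMES = {
    IMAGE_FILE_RELOCS_STRIPPED: "IMAGE_FILE_RELOCS_STRIPPED",
    IMAGE_FILE_EXECUTABLE_IMAGE: "IMAGE_FILE_EXECUTABLE_IMAGE",
    IMAGE_FILE_32BIT_MACHINE: "IMAGE_FILE_32BIT_MACHINE",
}
COFF_HDR = struct.Struct("<HHIIIHH")         # 20 bytes, directly after "PE\0\0"
SECTION_HDR = struct.Struct("<8sIIIIIIHHI")  # 40 bytes per IMAGE_SECTION_HEADER


@dataclass
class Section:
    name: str
    virtual_size: int
    virtual_address: int
    raw_size: int
    raw_ptr: int
    characteristics: int


def file_flag_names(chars):
    """Decode the COFF Characteristics word into the names the report prints."""
    return [n for bit, n in FILE_FLAG_NAMES.items() if chars & bit]


def parse_pe(data):
    """Return (file_characteristics, [Section, ...]) from an in-memory PE file."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]  # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    _machine, nsec, _ts, _symtab, _nsyms, opt_size, file_chars = COFF_HDR.unpack_from(data, pe_off + 4)
    sec_off = pe_off + 4 + COFF_HDR.size + opt_size  # section table follows the optional header
    sections = []
    for i in range(nsec):
        name, vsize, va, rsize, rptr, _, _, _, _, chars = SECTION_HDR.unpack_from(data, sec_off + i * SECTION_HDR.size)
        # Names are 8 bytes and need not be NUL-terminated (".textidx" uses all 8).
        sections.append(Section(name.rstrip(b"\0").decode("latin-1"), vsize, va, rsize, rptr, chars))
    return file_chars, sections


def triage_sections(sections):
    """Map section name -> list of findings; an empty list means nothing unusual."""
    findings = {}
    for s in sections:
        notes = []
        if s.characteristics & IMAGE_SCN_MEM_WRITE and s.characteristics & IMAGE_SCN_MEM_EXECUTE:
            notes.append("W+X: writable and executable (self-modifying code or protector stub)")
        if s.name == ".rdata" and s.characteristics & IMAGE_SCN_MEM_WRITE:
            notes.append("read-only data section marked writable")
        if s.raw_size and s.virtual_size > 2 * s.raw_size:
            notes.append(f"virtual size {s.virtual_size:#x} far exceeds raw size {s.raw_size:#x}: "
                         "zero-filled at load, watch it for unpacked code or runtime buffers")
        findings[s.name] = notes
    return findings


def triage_image(data):
    """Decode the file flags and triage every section in one call."""
    chars, secs = parse_pe(data)
    return file_flag_names(chars), triage_sections(secs)


def build_sample_image():
    """CONSTRUCTED header-only PE: six of the report's sections with the report's flags."""
    RWX = IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
    RX = IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
    RW = IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
    R = IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
    layout = [  # name, VirtualSize, SizeOfRawData, Characteristics (sizes approximate the report)
        (b".text", 0x233000, 0x233000, RWX),
        (b".textidx", 0x0AD800, 0x0AE000, RX),
        (b".rdata", 0x0BE000, 0x0BF000, RW),
        (b".data", 0x180000, 0x057000, RW),
        (b".rsrc", 0x049000, 0x04A000, R),
        (b".rtextid", 0x011000, 0x011000, RWX),
    ]
    dos = b"MZ" + bytes(0x3C - 2) + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = COFF_HDR.pack(0x014C, len(layout), 0, 0, 0, 0xE0,
                         IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE)
    opt = bytes(0xE0)  # PE32 optional header left zeroed; the parser only needs its size
    va, raw, table = 0x1000, 0x400, b""
    for name, vsize, rsize, chars in layout:
        table += SECTION_HDR.pack(name.ljust(8, b"\0"), vsize, va, rsize, raw, 0, 0, 0, 0, chars)
        va += (vsize + 0xFFF) & ~0xFFF
        raw += rsize
    return dos + b"PE\0\0" + coff + opt + table


if __name__ == "__main__":
    flags, findings = triage_image(build_sample_image())
    print("file characteristics:", ", ".join(flags))
    for name, notes in findings.items():
        print(f"{name:10s} {' | '.join(notes) or 'ok'}")
```

Against the real file, read it with open(path, "rb") and pass the bytes to triage_image; the parser only touches the headers, so the 4.3MB body is never interpreted. A W+X .text is not proof of malice (some commercial protectors do it), but it tells you that a static disassembly of that section may not match what runs, and that a memory dump taken after the entry-point stub finishes is the more useful artifact.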