4ca2f576bc6cf32a058557625a8f69058112f455cf78bf980e14f573e48e3849

Sharing

Copy URL

Twitter E-mail

General

Target

4ca2f576bc6cf32a058557625a8f69058112f455cf78bf980e14f573e48e3849
Size

510KB
MD5

824f46ae1d98c3df4926c37b5c04dc90
SHA1

6f34b0da7420988b058dbef6cf49a21b8ae16f0f
SHA256

4ca2f576bc6cf32a058557625a8f69058112f455cf78bf980e14f573e48e3849
SHA512

7d2c1cd8e0768ab6ad2579e935327466304a0096ee2f995b0f6fe30e8067a5959e25f4804c2ead96313a37cbf6d501db18c82408afe158760beb348b571442d6
SSDEEP

12288:KVLECggoVpq2ByXJ7AFBWwEYdVNYJKnnUI/gSY:KetgIQZ7AF6IId

Score

N/A

Malware Config

Signatures

Files

4ca2f576bc6cf32a058557625a8f69058112f455cf78bf980e14f573e48e3849
.exe windows x86

439de0527de383756700263a4db74026

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMonitorInfoW
GetWindowModuleFileNameW
IsCharAlphaW
IsCharUpperA
MonitorFromWindow
SetWindowWord
GetKeyboardLayoutList
CreateAcceleratorTableW
KillTimer
IsZoomed
GetSubMenu
DrawIconEx
SetForegroundWindow
IsWindowEnabled
GetMenuItemInfoW
TranslateMessage
LoadAcceleratorsW
ChildWindowFromPoint
GetMenu
IsDialogMessageW
CheckMenuRadioItem
UnionRect
GetWindowTextW
GetClassNameW
EnableMenuItem
GetMenuState
GetDesktopWindow
CheckDlgButton
EnumChildWindows
IsDlgButtonChecked
CreateDialogParamW
DrawMenuBar
GetActiveWindow
InsertMenuW
SetWindowTextA
DestroyIcon
DrawFrameControl
SetMenuItemInfoW
CheckMenuItem
MoveWindow
DispatchMessageW
EndPaint
GetUpdateRgn
GetKeyState
GetFocus
PostMessageW
IsIconic
RegisterWindowMessageW
PostQuitMessage
GetMessageW
SetActiveWindow
SetTimer
DestroyAcceleratorTable
TranslateAcceleratorW
SetWindowPlacement
DestroyWindow
GetDC
IntersectRect
InvalidateRect
ReleaseDC
ScrollWindowEx
SetScrollInfo
CallWindowProcW
DialogBoxParamW
GetParent
SetFocus
SetPropW
MessageBoxW
GetDlgItemTextW
SetDlgItemTextW
EnableWindow
GetPropW
ScreenToClient
SetCapture
GetCapture
RegisterClassExW
OffsetRect
SetWindowLongW
SetWindowPos
CreateWindowExW
ReleaseCapture
BeginDeferWindowPos
EndDeferWindowPos
DefWindowProcW
FillRect
DrawTextW
DrawFocusRect
GetScrollInfo
MapWindowPoints
CloseClipboard
GetWindowRect
LoadImageW
GetClientRect
PtInRect
LoadIconW
GetWindowLongW
GetSysColor
LoadStringW
OpenClipboard
GetSystemMetrics
UpdateWindow
SetClipboardData
SetCursor
DialogBoxIndirectParamW
LoadCursorW
InflateRect
GetDlgItem
EndDialog
GetSysColorBrush
SendMessageW
SetWindowTextW
ShowWindow
GetClassLongW
BeginPaint
NotifyWinEvent
DeferWindowPos
FlashWindow
GetWindowDC
FrameRect
CopyImage
DefFrameProcA
EnableScrollBar
GetWindowPlacement
EnumClipboardFormats
ReplyMessage
EmptyClipboard
TrackPopupMenuEx
IsWindow

comdlg32

ChooseFontW
GetOpenFileNameW
PrintDlgW
FindTextW
GetSaveFileNameW

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHChangeNotify
SHGetFileInfoW
ShellExecuteW
CommandLineToArgvW
ShellExecuteExW
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

CoTaskMemFree
CoCreateInstance
CoInitialize

advapi32

OpenProcessToken
RegQueryValueExA
EnumServicesStatusExW
AdjustTokenPrivileges
LookupAccountSidW
LookupPrivilegeValueW
OpenSCManagerW
CloseServiceHandle
RegOpenKeyW
RegOpenKeyExW
FreeSid
AllocateAndInitializeSid
RegOpenKeyExA
RegSetValueExW
RegCreateKeyW
RegQueryValueExW
RegCloseKey
GetTokenInformation
RegCreateKeyExW
RegSetValueW
EqualSid

gdi32

CreatePen
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
SetMapMode
CreateSolidBrush
EndPage
StartPage
GetDeviceCaps
SetBkColor
FrameRgn
SetBkMode
DeleteObject
StartDocW
EndDoc
Polygon
DeleteDC
SetTextColor
LineTo
BitBlt
MoveToEx
Polyline
SelectClipRgn
GetObjectW
CreateFontW
CreateRectRgnIndirect
CombineRgn
CreateFontIndirectW
CreateRectRgn
GetBkColor
RectInRegion
GetStockObject
GetTextMetricsW

comctl32

InitCommonControlsEx
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_SetBkColor

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

shlwapi

SHAutoComplete

kernel32

GetStringTypeA
LCMapStringW
GetConsoleMode
GetConsoleCP
GetModuleFileNameA
GetStdHandle
WriteFile
VirtualFree
HeapCreate
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetFileType
PeekNamedPipe
GetFileInformationByHandle
GetCurrentThreadId
ExitThread
HeapReAlloc
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcessHeap
HeapFree
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GetStringTypeW
SizeofResource
LoadResource
FindResourceW
DeleteCriticalSection
GetSystemInfo
CreateFileMappingW
EnterCriticalSection
GetLocaleInfoA
CreateFileW
LeaveCriticalSection
InitializeCriticalSection
GetTickCount
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
SetFilePointer
GetFileSize
GlobalUnlock
CompareStringW
GetLocaleInfoW
GlobalAlloc
GlobalLock
SetHandleCount
SetStdHandle
LCMapStringA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
LocalFree
LocalAlloc
GetCommandLineW
Module32NextW
CreateToolhelp32Snapshot
Module32FirstW
SetCurrentDirectoryW
LoadLibraryW
FreeLibrary
ExpandEnvironmentStringsW
DeleteFileW
CloseHandle
GetProcAddress
GetCurrentDirectoryW
LoadLibraryA
ExpandEnvironmentStringsA
GetNumberFormatW
ExitProcess
VirtualAllocEx
SetLastError
VirtualProtectEx
WriteProcessMemory
DebugBreak
VirtualQueryEx
CreateThread
SuspendThread
GetTempPathA
GetCurrentProcessId
GetVersion
FileTimeToLocalFileTime
Process32NextW
SetProcessWorkingSetSize
QueryDosDeviceW
OpenThread
Process32FirstW
GlobalFree
Thread32Next
FileTimeToSystemTime
TerminateProcess
GetTimeFormatW
Thread32First
IsBadReadPtr
GetNativeSystemInfo
GetThreadContext
GlobalAddAtomW
ResumeThread
QueryPerformanceFrequency
WaitForMultipleObjects
CreateEventW
GetOverlappedResult
ReadFile
FormatMessageW
CreateNamedPipeW
ConnectNamedPipe
SetEvent
QueryPerformanceCounter
FindClose
SetEnvironmentVariableW
FindFirstFileW
GetEnvironmentVariableW
OpenProcess
GetSystemTimeAsFileTime
LockResource
InterlockedIncrement
InterlockedDecrement
ReadProcessMemory
GetLastError
GetModuleFileNameW
GetFileAttributesW
Sleep
GetModuleHandleW
WaitForSingleObject
SetCommBreak
SetCommState
CreateTapePartition
SetProcessPriorityBoost
VirtualAlloc
FreeUserPhysicalPages
CreateJobSet
GetProcessAffinityMask
GetProcessTimes
RequestDeviceWakeup
SetEnvironmentVariableA
CompareStringA
CreateFileA
GetTimeZoneInformation
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetModuleHandleA
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
CreateProcessW
GetCurrentProcess

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 455KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

439de0527de383756700263a4db74026

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

shell32

ole32

advapi32

gdi32

comctl32

version

shlwapi

kernel32

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 6KB - Virtual size: 230KB

.rsrc Size: 455KB - Virtual size: 455KB

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 6KB - Virtual size: 230KB

.rsrc
Size: 455KB - Virtual size: 455KB