Static task: static1
Behavioral task: behavioral1
  Sample: 02a66e0154de51892cff270efeae4fadcdd2eab6b0c132f0a342b20eb83350c0.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 02a66e0154de51892cff270efeae4fadcdd2eab6b0c132f0a342b20eb83350c0.exe
  Resource: win10v2004-20220812-en
General
Target: 02a66e0154de51892cff270efeae4fadcdd2eab6b0c132f0a342b20eb83350c0
Size: 166KB
MD5: a12a4e5fbe7825c79f5fd70529130300
SHA1: 2819d7eb3e5c246bdc47664770c4f7e084ea8ec0
SHA256: 02a66e0154de51892cff270efeae4fadcdd2eab6b0c132f0a342b20eb83350c0
SHA512: cd8a31a64f4b6542b6bdad07a4bb26c64e09e32fc0d62d21957a87a7e717a9f279c81acaef8fcba14c069a8f440f2676eda1920641af2a342fc5cde455520234
SSDEEP: 3072:hl6AQ3BwrDOIeVn45677gljqcI9Zo43w3a255+18XupEjTo/dTW+3DzHIZR9Y:yAQ3+rKrRG6iI9+q2DdepEWL
Malware Config
Signatures
Files
- 02a66e0154de51892cff270efeae4fadcdd2eab6b0c132f0a342b20eb83350c0.exe windows x86
  b7e05784717f134826441c224ec15c1f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GdiReleaseDC
EngEraseSurface
DeleteObject
DeleteDC
GdiGetLocalBrush
GdiEntry5
GetWindowExtEx
CreateICA
GetTextFaceA
GetBoundsRect
GetLogColorSpaceA
CopyMetaFileA
CreateFontIndirectA
EngUnicodeToMultiByteN
GetEnhMetaFileDescriptionW
GetOutlineTextMetricsW
EngTransparentBlt
GetStockObject
SetRectRgn
GdiTransparentBlt
CreateBitmapIndirect
CreateFontIndirectExA
CreateHalftonePalette
UpdateICMRegKeyA
EngStrokePath
BRUSHOBJ_ulGetBrushColor
GetTextExtentExPointA
GdiAddGlsBounds
GdiConvertBitmap
GdiCleanCacheDC
ExtEscape
GdiConvertBrush
GetCharABCWidthsW
GetAspectRatioFilterEx
HT_Get8BPPMaskPalette
StartPage
GetFontData
LineTo
SetICMProfileA
EngGetCurrentCodePage
ExtCreateRegion
GdiCreateLocalMetaFilePict
PatBlt
GetWindowOrgEx
SetDCPenColor
GetGlyphOutline
FillRgn
STROBJ_vEnumStart
STROBJ_bGetAdvanceWidths
GdiGetLocalDC
ExtSelectClipRgn
ResizePalette
cGetTTFFromFOT
EngGetPrinterDataFileName
GetTextExtentExPointW
DeleteMetaFile
GetCurrentObject
GetCharWidthFloatW
Ellipse
CheckColorsInGamut
GetFontLanguageInfo
GetViewportOrgEx
GdiIsMetaFileDC
RemoveFontResourceA
user32
wvsprintfW
GetMessagePos
SetScrollRange
FrameRect
DragDetect
GetClientRect
CreateDialogParamA
DdeDisconnectList
CopyAcceleratorTableA
DdeQueryStringA
DdeNameService
GetScrollBarInfo
IsZoomed
IsWindow
SetMenuItemInfoW
FindWindowW
RegisterClipboardFormatA
DrawEdge
CreateWindowExW
IntersectRect
LoadImageA
DeregisterShellHookWindow
LoadImageW
TrackPopupMenu
CheckRadioButton
CreatePopupMenu
ClientToScreen
TranslateAcceleratorA
WinHelpW
GetWindowTextW
SetDeskWallpaper
GetMenuItemRect
WaitMessage
RegisterHotKey
InSendMessage
InsertMenuA
kernel32
MultiByteToWideChar
GlobalFree
FindVolumeMountPointClose
DeleteTimerQueueTimer
GetEnvironmentStringsA
EnterCriticalSection
GetSystemInfo
FlushFileBuffers
GetTapeStatus
EndUpdateResourceA
SetFileAttributesW
CopyFileA
GetSystemTimeAdjustment
GetLongPathNameA
GlobalSize
GetMailslotInfo
OpenThread
GetCurrentProcessId
lstrcatA
GetCommState
GetTempPathA
ResumeThread
GetConsoleOutputCP
GetQueuedCompletionStatus
TlsAlloc
GetConsoleAliasExesW
QueryPerformanceFrequency
FindResourceA
GetFileInformationByHandle
IsValidLocale
LocalReAlloc
GetSystemDefaultUILanguage
GetConsoleAliasesLengthW
GetPrivateProfileSectionA
PulseEvent
FindFirstVolumeMountPointW
Process32FirstW
VirtualFreeEx
ConvertThreadToFiber
DnsHostnameToComputerNameW
GetCurrentThread
EnumSystemLocalesW
FindAtomA
SetConsoleTitleA
GetTimeFormatW
CreateTapePartition
DnsHostnameToComputerNameA
IsBadHugeReadPtr
CreateWaitableTimerA
HeapCreate
MoveFileExW
GetConsoleScreenBufferInfo
GetDiskFreeSpaceW
SetThreadAffinityMask
BeginUpdateResourceA
SetCommMask
GetDateFormatW
GlobalUnWire
GetConsoleTitleW
OutputDebugStringA
SignalObjectAndWait
GetFileTime
SetEvent
DeleteTimerQueueEx
CopyFileW
SetConsoleScreenBufferSize
GetLogicalDriveStringsA
WriteProfileStringW
Module32First
CommConfigDialogW
lstrcmpA
UnlockFile
GetCompressedFileSizeA
CreateFileMappingA
GetStringTypeExW
GetCPInfoExA
EnumCalendarInfoA
CreateHardLinkA
OpenSemaphoreW
GetSystemPowerStatus
CreateThread
EnumResourceLanguagesW
SetCommTimeouts
GetSystemDefaultLangID
WaitForSingleObjectEx
HeapDestroy
GetProfileStringW
WritePrivateProfileStructW
SetCurrentDirectoryA
GlobalFix
CreateMutexA
GetCommTimeouts
PeekNamedPipe
WaitCommEvent
BuildCommDCBAndTimeoutsA
EndUpdateResourceW
CallNamedPipeW
WriteConsoleOutputCharacterA
ReadConsoleInputW
SetThreadIdealProcessor
GlobalFindAtomA
QueryInformationJobObject
FindNextVolumeMountPointW
GetDateFormatA
GetThreadLocale
LeaveCriticalSection
VirtualQueryEx
SetTapePosition
RegisterWaitForSingleObject
WaitForMultipleObjects
GetUserDefaultUILanguage
IsDBCSLeadByte
MulDiv
GetDriveTypeA
GetTickCount
Heap32First
UnmapViewOfFile
CreateEventW
WriteConsoleOutputA
VirtualProtectEx
IsBadWritePtr
GetFileAttributesExA
GenerateConsoleCtrlEvent
WaitForSingleObject
WriteConsoleInputA
GetUserDefaultLCID
EnumTimeFormatsW
CreateFileMappingW
WriteConsoleOutputCharacterW
FileTimeToLocalFileTime
IsBadHugeWritePtr
CancelWaitableTimer
GetFileType
WriteProcessMemory
FatalAppExitW
lstrcmpiA
GetLogicalDriveStringsW
BackupWrite
SetConsoleCursor
RequestWakeupLatency
CreateMailslotW
TerminateThread
SetUnhandledExceptionFilter
GlobalFindAtomW
GetCurrentProcess
OpenSemaphoreA
QueryPerformanceCounter
BuildCommDCBAndTimeoutsW
FindVolumeClose
GetCurrentDirectoryA
GlobalAddAtomW
VirtualAllocEx
FindNextChangeNotification
lstrcmpW
ReadFileEx
GetComputerNameA
GetComputerNameExW
GetTimeZoneInformation
WritePrivateProfileStructA
RemoveDirectoryA
FillConsoleOutputCharacterA
MoveFileWithProgressW
WriteConsoleA
DisconnectNamedPipe
CreateNamedPipeA
LockFile
GetProcessTimes
GetDiskFreeSpaceExA
ExitThread
LocalFileTimeToFileTime
GetCalendarInfoA
SetConsoleCursorPosition
SetThreadPriority
ExpandEnvironmentStringsW
GetVersion
GetTempFileNameA
RtlFillMemory
LocalFree
SetMailslotInfo
SetConsoleActiveScreenBuffer
GetFileAttributesW
CreateProcessW
Module32Next
WinExec
CompareFileTime
CreateSemaphoreW
GetUserDefaultLangID
LocalCompact
GetProcessHeaps
SetComputerNameExA
SetComputerNameW
SetVolumeLabelA
CreateHardLinkW
GetConsoleAliasExesA
WriteProfileStringA
GlobalCompact
ClearCommError
WritePrivateProfileStringA
SetCriticalSectionSpinCount
GetPrivateProfileSectionNamesA
BuildCommDCBW
FindFirstChangeNotificationW
lstrcpy
EnumUILanguagesA
SearchPathW
IsBadCodePtr
GetNamedPipeHandleStateA
FreeEnvironmentStringsW
CreateDirectoryExW
GetCompressedFileSizeW
GetLogicalDrives
GetProcessHeap
EnumResourceLanguagesA
GlobalAlloc
GetVersionExW
TlsSetValue
WriteFileEx
EnumDateFormatsW
OpenFileMappingW
FindResourceW
SetProcessAffinityMask
SetInformationJobObject
GetCommProperties
OpenMutexW
VirtualLock
CreateToolhelp32Snapshot
SetComputerNameA
GetCommMask
ReadDirectoryChangesW
EnumDateFormatsExW
FormatMessageW
TlsFree
GetShortPathNameA
SetConsoleMode
WritePrivateProfileStringW
LocalShrink
DeleteFiber
DisableThreadLibraryCalls
GetStringTypeA
InitializeCriticalSection
SetEnvironmentVariableW
lstrcatW
MoveFileA
SetLocalTime
TransmitCommChar
IsDBCSLeadByteEx
DeleteAtom
GetConsoleMode
ReleaseMutex
HeapValidate
ClearCommBreak
Process32Next
IsBadStringPtrW
GetFileSize
EnumResourceTypesW
SearchPathA
SetProcessWorkingSetSize
FillConsoleOutputCharacterW
IsValidLanguageGroup
CreateEventA
RaiseException
SetThreadPriorityBoost
GetNumberFormatW
PurgeComm
MapUserPhysicalPages
ScrollConsoleScreenBufferA
GetVolumeInformationA
FindFirstFileA
OpenWaitableTimerW
Thread32Next
GetTapeParameters
GetSystemDirectoryW
GetNumberOfConsoleInputEvents
RemoveDirectoryW
CreateJobObjectA
SetProcessShutdownParameters
GetDefaultCommConfigA
GetWindowsDirectoryW
GlobalDeleteAtom
CreateDirectoryW
GetProcessIoCounters
SetFileAttributesA
SetConsoleWindowInfo
GetProfileStringA
IsValidCodePage
PeekConsoleInputW
CreateConsoleScreenBuffer
GetEnvironmentVariableA
WaitForMultipleObjectsEx
GlobalLock
CreateNamedPipeW
ChangeTimerQueueTimer
Beep
GetPrivateProfileStructA
FreeLibrary
GetCPInfoExW
SetVolumeLabelW
DeleteVolumeMountPointW
lstrcpyW
SwitchToFiber
CallNamedPipeA
SizeofResource
ReadConsoleOutputW
SetConsoleTextAttribute
GetModuleHandleA
SetLocaleInfoW
SetHandleCount
GetWindowsDirectoryA
GetStdHandle
FindAtomW
VirtualUnlock
GetConsoleDisplayMode
SetStdHandle
LocalLock
SetLastError
GetDiskFreeSpaceExW
FreeEnvironmentStringsA
GetThreadSelectorEntry
FindNextVolumeMountPointA
GetOEMCP
GetTimeFormatA
GlobalGetAtomNameW
SetCalendarInfoW
CreateFiberEx
FatalExit
FreeLibraryAndExitThread
LoadLibraryA
SuspendThread
OpenFile
VirtualProtect
QueryDosDeviceW
WriteTapemark
IsBadStringPtrA
FindCloseChangeNotification
GetFileSizeEx
DeleteCriticalSection
CreateProcessA
VirtualFree
ReadFile
ConvertDefaultLocale
GetVolumeNameForVolumeMountPointA
GetWriteWatch
HeapLock
FreeConsole
HeapUnlock
QueueUserWorkItem
SetVolumeMountPointW
GetExitCodeProcess
GlobalFlags
SetEnvironmentVariableA
VerifyVersionInfoW
EnumResourceNamesA
VerLanguageNameW
EnumSystemCodePagesW
GlobalUnfix
GetConsoleCP
SetSystemTime
GetCurrentConsoleFont
GetPriorityClass
LocalSize
GetPrivateProfileSectionW
GetStartupInfoW
GetSystemWindowsDirectoryW
CreateSemaphoreA
ReadConsoleOutputCharacterW
GetNamedPipeHandleStateW
FlushConsoleInputBuffer
ReplaceFile
lstrcat
GetModuleFileNameA
UpdateResourceA
GetTapePosition
WritePrivateProfileSectionA
GetProcAddress
InitializeCriticalSectionAndSpinCount
GetPrivateProfileStructW
GetEnvironmentVariableW
SetConsoleOutputCP
GetThreadPriority
GlobalMemoryStatus
GetBinaryType
FindFirstFileExW
GetVolumeInformationW
GetProcessWorkingSetSize
Sleep
GetVolumePathNameA
lstrcpyn
OpenJobObjectA
lstrcmpi
EnumSystemLocalesA
GetComputerNameW
SystemTimeToFileTime
InitAtomTable
lstrcpynW
GetStringTypeExA
FindResourceExA
Heap32ListNext
ResetEvent
WriteConsoleOutputW
QueueUserAPC
SetWaitableTimer
VirtualAlloc
ExitProcess
advapi32
ChangeServiceConfigA
CryptGetHashParam
ConvertStringSDToSDRootDomainW
SetNamedSecurityInfoExW
RegCreateKeyExW
EqualDomainSid
FreeEncryptionCertificateHashList
ElfBackupEventLogFileA
GetSecurityDescriptorControl
CryptGetKeyParam
OpenServiceW
InitiateSystemShutdownExW
SetFileSecurityA
UninstallApplication
ole32
CreateDataAdviseHolder
CoWaitForMultipleHandles
SetDocumentBitStg
WriteClassStg
CreateClassMoniker
shlwapi
PathMakePrettyW
StrIsIntlEqualW
PathSetDlgItemPathA
SHOpenRegStream2A
PathIsUNCServerShareW
StrRetToBufA
PathIsUNCA
ColorHLSToRGB
PathIsDirectoryA
SHRegQueryUSValueW
AssocQueryStringW
SHCreateShellPalette
StrNCatA
StrDupA
Sections
.text Size: 139KB - Virtual size: 139KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ