Static task
static1
Behavioral task
behavioral1
Sample
f35fc397ccd96a9d24c95c0017237c836aaa30d8835e014c394441a040641977.exe
Resource
win7-20220812-en
General
Target: f35fc397ccd96a9d24c95c0017237c836aaa30d8835e014c394441a040641977
Size: 1.2MB
MD5: 645186a4619a3f905bbe3535d07f4bc3
SHA1: dd8dacea0d42f61eb4362bb9b1b61ec0e2f60156
SHA256: f35fc397ccd96a9d24c95c0017237c836aaa30d8835e014c394441a040641977
SHA512: ab2d02c79bf7b6bc7fedf6d41196f52e48f0a83d6e007a7e75d20fac071d9297d39989acc912297545c48ce11fa3bbf6d7dc4a35eb7b3a763d17d7400c91f53f
SSDEEP: 12288:hNUFr7YpLgCC5F436ZcLd9GDxRYOafi2M+UImcnoj6Tsqc6LW3pppppppOKnnc55:hOnYUeGx2OafxGImtj6TfdLWQKnc2nxm
Malware Config
Signatures
Files
f35fc397ccd96a9d24c95c0017237c836aaa30d8835e014c394441a040641977.exe windows x86
286133aff1cd891afd768600609f633c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetErrorMode
FileTimeToLocalFileTime
GetFileTime
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
ExitProcess
Sleep
GetStartupInfoA
GetCommandLineA
GetTimeZoneInformation
HeapReAlloc
GetSystemTimeAsFileTime
SetEnvironmentVariableA
GetFileType
SetStdHandle
GetFullPathNameA
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
GetVolumeInformationA
DuplicateHandle
GetFileSize
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
WritePrivateProfileStringA
FileTimeToSystemTime
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
InterlockedDecrement
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
FormatMessageA
LocalFree
SetFilePointer
SetEndOfFile
MoveFileA
DeleteFileA
SetVolumeLabelA
GetDriveTypeA
GetDiskFreeSpaceExA
CreateDirectoryA
SetFileTime
FindFirstFileA
FindClose
GetFileAttributesA
SetFileAttributesA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetExitCodeThread
LoadLibraryA
GetProcAddress
CreateFileA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
GetLocalTime
GetTickCount
SetCurrentDirectoryA
CreateProcessA
CloseHandle
WaitForSingleObject
CreateMutexA
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
SizeofResource
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
user32
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
ReleaseCapture
SetCapture
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuState
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetParent
EqualRect
RegisterClipboardFormatA
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
MessageBoxA
LoadIconA
GetSystemMetrics
SetTimer
InvalidateRect
IsIconic
SendMessageA
DrawIcon
wsprintfA
CharUpperA
EnableWindow
GetClientRect
LoadBitmapA
PostMessageA
GetSysColorBrush
LoadCursorA
SetWindowsHookExA
gdi32
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetWindowExtEx
GetViewportExtEx
DeleteObject
GetStockObject
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreatePen
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateFontA
BitBlt
Rectangle
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
shell32
SHFileOperationA
comctl32
ord17
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
oleaut32
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
wininet
HttpQueryInfoA
InternetOpenUrlA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetReadFile
winmm
timeGetTime
ws2_32
select
__WSAFDIsSet
WSAGetLastError
accept
listen
bind
sendto
closesocket
gethostbyaddr
getsockname
inet_addr
gethostbyname
inet_ntoa
WSAStartup
recvfrom
send
recv
gethostname
htonl
getservbyname
getprotobynumber
htons
ntohs
getpeername
setsockopt
ioctlsocket
WSAAsyncSelect
getsockopt
socket
connect
shutdown
Sections
.text Size: 332KB - Virtual size: 328KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 24KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 808KB - Virtual size: 808KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE