086990a28a60f35540e7a1ed120cf224ce1c2b2e7c0b87fd723c8de672d13a79

Sharing

Copy URL Twitter E-mail

General

Target

086990a28a60f35540e7a1ed120cf224ce1c2b2e7c0b87fd723c8de672d13a79
Size

813KB
MD5

76e78405f2c9a7d2380948b504050320
SHA1

f6c6b48406ddb63aaa8d9dec3853b78b2a385b2a
SHA256

086990a28a60f35540e7a1ed120cf224ce1c2b2e7c0b87fd723c8de672d13a79
SHA512

0bf3e9604f1d6bcade2345f8e850a0fdd7633f538675da1456065a5a1708d4e0b1928b153abc446e29b9ebb59d505801a794cc03e1a080ae15394428cdcee3a0
SSDEEP

12288:GFfyGoqTYPTURmgXSMWOv99srXeys7n1s8pUgG/bDHGaSFmk5hRfq3Ki:GdD2cDkon1s8DGjSaSHnRfEKi

Score

N/A

Malware Config

Signatures

Files

086990a28a60f35540e7a1ed120cf224ce1c2b2e7c0b87fd723c8de672d13a79
.exe windows x86

7e2feea73f1469185abcd322f566ecd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipFillRectangleI
GdipCreateFromHDC
GdipDeleteGraphics
GdipCreateSolidFill
GdipDeleteBrush
GdipCreatePen1
GdipDeletePen
GdipDrawLineI
GdipFree
GdipCloneImage
GdipDisposeImage
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipAlloc
GdiplusStartup

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ws2_32

inet_addr
select
__WSAFDIsSet
WSAStartup
socket
gethostbyname
htons
connect
send
recv
closesocket
WSACleanup
WSAGetLastError
shutdown

wininet

DeleteUrlCacheEntryW
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
InternetQueryOptionW
FindCloseUrlCache
HttpQueryInfoA
InternetReadFile
InternetQueryDataAvailable
InternetCrackUrlA
InternetConnectA
HttpOpenRequestA
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
InternetSetOptionW
HttpSendRequestA
InternetQueryOptionA
InternetSetOptionA
InternetGetCookieA

kernel32

GetCurrentThreadId
CreateEventW
GetLastError
ExpandEnvironmentStringsW
GetCurrentProcess
CloseHandle
DeleteFileW
CreateFileW
WriteFile
FindClose
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
TerminateProcess
Sleep
Process32NextW
CopyFileW
GetModuleFileNameW
WaitForSingleObject
GetTickCount
LoadLibraryW
GetProcAddress
CreateProcessW
FreeLibrary
GetSystemInfo
FindFirstFileW
SetEvent
FindNextFileW
GlobalFree
RemoveDirectoryW
GetVersionExW
GetSystemDefaultLCID
GetCurrentProcessId
WaitForMultipleObjects
SetUnhandledExceptionFilter
GetModuleHandleW
FindResourceW
SizeofResource
LockResource
LoadResource
GlobalAlloc
FlushInstructionCache
SetLastError
EnterCriticalSection
LeaveCriticalSection
SearchPathW
RaiseException
QueryPerformanceCounter
InitializeCriticalSection
DeleteCriticalSection
GetFileSize
ReadFile
MultiByteToWideChar
WideCharToMultiByte
InterlockedExchange
InterlockedExchangeAdd
CreateThread
SystemTimeToFileTime
GetLocalTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetStdHandle
SetFilePointer
MoveFileW
CreateDirectoryW
CreateFileMappingW
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
ExitThread
GetStartupInfoW
GetSystemTimeAsFileTime
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
GetModuleHandleA
HeapSize
ExitProcess
InterlockedIncrement
GetModuleFileNameA
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
CreateFileA
GetProcessHeap
HeapFree
GetVersionExA
InterlockedCompareExchange
InterlockedDecrement
VirtualQuery

user32

GetWindow
GetSystemMetrics
DrawIconEx
GetClientRect
DestroyWindow
DefWindowProcW
DrawFocusRect
GetKeyState
SetWindowTextW
LoadCursorW
SetWindowLongW
DrawTextW
ScreenToClient
GetCursorPos
SetFocus
RegisterClassExW
CallWindowProcW
GetWindowLongW
SetWindowPos
GetWindowRect
SetCursor
KillTimer
RedrawWindow
SystemParametersInfoW
SetTimer
InvalidateRect
GetParent
CreateWindowExW
PostQuitMessage
LoadImageW
GetSysColor
CopyRect
wsprintfW
BringWindowToTop
MessageBoxW
PostMessageW
ReleaseDC
GetDC
UpdateLayeredWindow
EndPaint
PostThreadMessageW
ShowWindow
IsWindowVisible
IsWindow
TrackMouseEvent
ReleaseCapture
MapWindowPoints
IntersectRect
SetCapture
DrawEdge
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
SetPropW
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
GetPropW
FindWindowW
UnregisterClassA
BeginPaint
GetUpdateRect
EqualRect
GetCapture
OffsetRect
SendMessageW

gdi32

CreateCompatibleDC
GetCurrentObject
GetTextColor
GetTextExtentPoint32W
GetViewportOrgEx
CreateFontIndirectW
SetViewportOrgEx
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
GetStockObject
SelectClipRgn
CreateDIBSection
DeleteDC
DeleteObject
CreatePen
CreateFontW
ExtTextOutW
SetBkColor
SetTextColor
SetBkMode
SelectObject
RestoreDC
BitBlt
GetObjectW
SaveDC

advapi32

FreeSid
CheckTokenMembership
AllocateAndInitializeSid
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegDeleteKeyW
RegEnumValueW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW

shell32

SHChangeNotify
ShellExecuteExW
ShellExecuteW

ole32

CreateStreamOnHGlobal
CoInitialize
CoUninitialize

shlwapi

PathAppendW
SHGetValueW
SHGetValueA
StrCmpIW
PathFileExistsW
SHSetValueW

msimg32

AlphaBlend

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7e2feea73f1469185abcd322f566ecd6

Headers

File Characteristics

Imports

gdiplus

version

ws2_32

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msimg32

Sections

.text Size: 396KB - Virtual size: 393KB

.rdata Size: 96KB - Virtual size: 92KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 296KB - Virtual size: 296KB

.text
Size: 396KB - Virtual size: 393KB

.rdata
Size: 96KB - Virtual size: 92KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 296KB - Virtual size: 296KB