Static task: static1
Behavioral task: behavioral1
  Sample: f72e7e4ccc494ae11ee6933a4ba1985e3edb74bf35867241143eb488f6890092.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: f72e7e4ccc494ae11ee6933a4ba1985e3edb74bf35867241143eb488f6890092.exe
  Resource: win10v2004-20220812-en
General
Target: f72e7e4ccc494ae11ee6933a4ba1985e3edb74bf35867241143eb488f6890092
Size: 581KB
MD5: 794b31326cb98226b47ae49e4407a04c
SHA1: 7cf00abe0ce287550ca346751dcb464e959ffda8
SHA256: f72e7e4ccc494ae11ee6933a4ba1985e3edb74bf35867241143eb488f6890092
SHA512: 87a972b807b5ca05ebe0efa9594dd90b5832b5165edfbbedd763a58b519c2d3646db70b0812664790ccc9872eda2249b3d780cb1de5bdb25b6db7f0ef1a19b5b
SSDEEP: 6144:93v4sIND/AB4jYWoyGN2Ik5AfPjFWFNAy/7+dOYG+RWuFqH:RABhABEXotkI0A8AyzKOcnq
Malware Config
Signatures
Files
f72e7e4ccc494ae11ee6933a4ba1985e3edb74bf35867241143eb488f6890092.exe (windows x86)
d471ba10c0ff92b5d7922c6a5f910362
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
__WSAFDIsSet
recv
send
socket
connect
closesocket
bind
select
accept
htons
sendto
recvfrom
ntohs
WSAGetLastError
ioctlsocket
WSACleanup
inet_addr
gethostbyname
WSAStartup
gethostname
listen
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
winmm
waveOutSetVolume
timeGetTime
mciSendStringW
comctl32
ImageList_Remove
ImageList_Destroy
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter
ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx
mpr
WNetUseConnectionW
WNetGetConnectionW
WNetAddConnection2W
WNetCancelConnection2W
kernel32
QueryPerformanceCounter
QueryPerformanceFrequency
UnmapViewOfFile
OpenProcess
CreateFileMappingW
MapViewOfFile
WriteProcessMemory
ReadProcessMemory
SetFilePointer
TerminateProcess
WaitForSingleObject
SetFileTime
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
FindNextFileW
lstrcmpiW
MoveFileW
CopyFileW
GetLastError
CreateDirectoryW
RemoveDirectoryW
SetSystemPowerState
FindResourceW
LoadResource
LockResource
SizeofResource
EnumResourceNamesW
OutputDebugStringW
GetLocalTime
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
InterlockedIncrement
InterlockedDecrement
FormatMessageW
GetExitCodeProcess
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
GetPrivateProfileSectionNamesW
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetDriveTypeW
GetModuleHandleW
GetDiskFreeSpaceW
GetVolumeInformationW
SetVolumeLabelW
DeviceIoControl
SetFileAttributesW
GetShortPathNameW
GetEnvironmentVariableW
SetEnvironmentVariableW
SetProcessWorkingSetSize
GlobalMemoryStatus
Beep
GetComputerNameW
GetWindowsDirectoryW
GetSystemDirectoryW
GetTempPathW
GetCurrentProcessId
CreatePipe
DuplicateHandle
GetStdHandle
SetPriorityClass
WriteFile
GetFileType
PeekNamedPipe
SetLastError
GetTempPathA
GetTempFileNameA
DeleteFileA
CopyFileA
CreateFileA
GetModuleHandleA
ExitProcess
HeapFree
HeapAlloc
GetStartupInfoW
GetVersionExA
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
DeleteCriticalSection
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
SetHandleCount
GetStartupInfoA
SetStdHandle
GetSystemInfo
GetCurrentProcess
GetVersionExW
GlobalFindAtomW
LoadLibraryW
LoadLibraryExW
GlobalFree
GlobalUnlock
ReadFile
GlobalLock
GlobalAlloc
GetFileSize
CreateFileW
CloseHandle
CreateProcessW
GetCurrentThreadId
Sleep
GetProcAddress
LoadLibraryA
FlushFileBuffers
LCMapStringA
LCMapStringW
FreeLibrary
GetModuleFileNameW
GetFullPathNameW
SetCurrentDirectoryW
GetCurrentDirectoryW
ExitThread
CreateThread
ResumeThread
EnterCriticalSection
LeaveCriticalSection
RaiseException
GetTimeZoneInformation
GetModuleFileNameA
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
GetCPInfo
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
RtlUnwind
GetACP
GetOEMCP
InitializeCriticalSection
GetTickCount
InterlockedExchange
SetEndOfFile
CompareStringA
SetErrorMode
SetEnvironmentVariableA
user32
UnregisterHotKey
PeekMessageW
TranslateMessage
DispatchMessageW
GetMessageW
CharLowerBuffW
CharUpperW
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
CountClipboardFormats
EmptyClipboard
SetClipboardData
GetCursor
RegisterHotKey
GetKeyboardLayoutNameW
IsCharAlphaW
IsCharAlphaNumericW
IsCharLowerW
IsCharUpperW
GetMenuStringW
GetSubMenu
GetCaretPos
IsZoomed
FlashWindow
GetWindowTextLengthW
SetMenuDefaultItem
SetMenu
CreateMenu
DeleteMenu
DestroyMenu
DrawMenuBar
SetMenuItemInfoW
GetDC
SetWindowPos
SetWindowLongW
RedrawWindow
wsprintfW
CharNextW
IsMenu
GetActiveWindow
LockWindowUpdate
CreateIconFromResourceEx
DestroyWindow
SetClassLongW
AdjustWindowRectEx
SetRect
SystemParametersInfoW
GetSystemMetrics
ReleaseDC
GetWindowDC
SetCursor
MessageBeep
VkKeyScanA
FillRect
SubtractRect
FrameRect
DrawTextW
DrawFocusRect
InflateRect
GetSysColor
CheckMenuRadioItem
GetMenuItemID
GetMenuItemCount
GetMenuItemInfoW
SetWindowTextW
ReleaseCapture
SetCapture
ClientToScreen
GetKeyState
WindowFromPoint
GetClientRect
TrackPopupMenuEx
GetCursorPos
IsDialogMessageW
EnumWindows
GetDesktopWindow
IsWindow
IsWindowEnabled
IsWindowVisible
EnableWindow
ScreenToClient
InvalidateRect
GetWindowLongW
GetWindowThreadProcessId
AttachThreadInput
SendMessageTimeoutW
GetFocus
mouse_event
ExitWindowsEx
SetActiveWindow
FindWindowExW
EnumThreadWindows
CreateIcon
SetForegroundWindow
IsIconic
FindWindowW
SetKeyboardState
GetKeyboardState
LoadImageW
keybd_event
GetWindowTextW
EnumChildWindows
CharUpperBuffW
GetClassNameW
GetParent
GetDlgCtrlID
SendMessageW
MapVirtualKeyW
PostMessageW
GetWindowRect
DefWindowProcW
MoveWindow
SetFocus
PostQuitMessage
KillTimer
CreatePopupMenu
RegisterWindowMessageW
SetTimer
ShowWindow
CreateWindowExW
RegisterClassExW
LoadIconW
GetKeyboardLayoutNameA
MessageBoxW
LoadStringW
DialogBoxParamW
EndDialog
SendDlgItemMessageW
GetMenu
CopyRect
IsChild
GetWindow
GetNextDlgTabItem
GetClassWord
GetDlgItem
PtInRect
OffsetRect
LoadCursorW
GetSysColorBrush
GetForegroundWindow
DestroyIcon
EndPaint
BeginPaint
InsertMenuItemW
DrawFrameControl
CopyImage
GetAsyncKeyState
gdi32
PolyBezierTo
ExtCreatePen
StrokeAndFillPath
StrokePath
EndPath
SetPixel
CloseFigure
LineTo
AngleArc
MoveToEx
GetTextExtentPoint32W
CreateDIBSection
BitBlt
GetDIBits
CreateCompatibleBitmap
CreateDCW
GetTextFaceW
Ellipse
PolyDraw
BeginPath
Rectangle
SetViewportOrgEx
GetObjectW
DeleteDC
CreateCompatibleDC
CreateFontW
GetDeviceCaps
GetStockObject
SetBkMode
GetPixel
RoundRect
SetBkColor
SelectObject
CreatePen
CreateSolidBrush
DeleteObject
SetTextColor
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
GetUserNameW
RegConnectRegistryW
RegEnumKeyExW
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
shell32
SHBrowseForFolderW
SHFileOperationW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetMalloc
Shell_NotifyIconW
ExtractIconExW
DragFinish
DragQueryFileW
DragQueryPoint
ShellExecuteW
ShellExecuteExW
ole32
CreateStreamOnHGlobal
OleSetMenuDescriptor
MkParseDisplayName
OleSetContainedObject
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
IIDFromString
StringFromIID
CLSIDFromString
OleInitialize
CreateBindCtx
CLSIDFromProgID
CoInitializeSecurity
CoCreateInstanceEx
CoSetProxyBlanket
StringFromCLSID
OleUninitialize
oleaut32
LoadRegTypeLi
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayAllocData
SafeArrayAllocDescriptorEx
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
VarR4FromDec
VariantTimeToSystemTime
VariantClear
VariantCopy
VariantInit
OleLoadPicture
GetActiveObject
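The import table above is the most useful static artifact on this page for triage: wsock32 gives raw sockets, kernel32 gives OpenProcess/ReadProcessMemory/WriteProcessMemory, user32 gives keybd_event/mouse_event and GetAsyncKeyState, advapi32 gives token privilege adjustment and service-database access, mpr gives network share mounting, ole32 gives CoCreateInstanceEx/CoSetProxyBlanket for remote COM activation. The script below is an added example, not code from the sandbox or the report: it computes an imphash the way pefile does (lowercased "lib.func" pairs in import-table order, library extension stripped, MD5 over the comma-joined list; ordinal-only imports are not handled) and groups imports into capability clusters, reporting a cluster only when at least two of its APIs are present so that a single benign API does not trigger it. SAMPLE_IMPORTS is a constructed subset of the list above in the report's order, so its imphash will not match any value on this page, and CAPABILITIES is this example's own grouping, not a standard taxonomy.

```python
"""Import-table triage: pefile-style imphash plus capability clustering.

Added example, not part of the sandbox report. SAMPLE_IMPORTS is a constructed
subset of the report's import list, kept in the report's order; CAPABILITIES
is this example's own grouping of APIs, not a standard.
"""
import hashlib


def _libname(dll):
    """Lowercase library name with a .dll/.ocx/.sys suffix removed (pefile rule)."""
    base, dot, ext = dll.lower().rpartition(".")
    return base if dot and ext in ("dll", "ocx", "sys") else dll.lower()


def imphash(imports):
    """MD5 over "lib.func" pairs in import-table order, as pefile computes it.

    imports: {dll_name: [function, ...]} in import-table order (an insertion-
    ordered dict). Ordinal-only imports are not handled in this example.
    """
    parts = ["%s.%s" % (_libname(dll), f.lower())
             for dll, funcs in imports.items() for f in funcs]
    return hashlib.md5(",".join(parts).encode("ascii")).hexdigest()


# Example grouping of APIs into capabilities; keys are "lib!Function".
CAPABILITIES = {
    "raw sockets": {"wsock32!socket", "wsock32!connect", "wsock32!send", "wsock32!recv",
                    "wsock32!listen", "wsock32!accept", "wsock32!gethostbyname"},
    "process memory access": {"kernel32!OpenProcess", "kernel32!ReadProcessMemory",
                              "kernel32!WriteProcessMemory"},
    "input simulation": {"user32!keybd_event", "user32!mouse_event",
                         "user32!SetKeyboardState", "user32!AttachThreadInput"},
    "keystroke capture": {"user32!GetAsyncKeyState", "user32!GetKeyboardState",
                          "user32!RegisterHotKey"},
    "clipboard access": {"user32!OpenClipboard", "user32!GetClipboardData",
                         "user32!SetClipboardData"},
    "privilege adjustment": {"advapi32!OpenProcessToken", "advapi32!LookupPrivilegeValueW",
                             "advapi32!AdjustTokenPrivileges"},
    "service database": {"advapi32!OpenSCManagerW", "advapi32!LockServiceDatabase",
                         "advapi32!UnlockServiceDatabase"},
    "registry write": {"advapi32!RegCreateKeyExW", "advapi32!RegSetValueExW",
                       "advapi32!RegDeleteValueW"},
    "network shares": {"mpr!WNetAddConnection2W", "mpr!WNetUseConnectionW",
                       "mpr!WNetCancelConnection2W"},
    "remote COM activation": {"ole32!CoInitializeSecurity", "ole32!CoCreateInstanceEx",
                              "ole32!CoSetProxyBlanket"},
    "shutdown or power": {"user32!ExitWindowsEx", "kernel32!SetSystemPowerState"},
}


def capabilities(imports, min_hits=2):
    """Clusters with at least min_hits matching imports, each with its sorted hits."""
    present = {"%s!%s" % (_libname(dll), f) for dll, funcs in imports.items() for f in funcs}
    found = {}
    for name, apis in CAPABILITIES.items():
        hits = sorted(present & apis)
        if len(hits) >= min_hits:
            found[name] = hits
    return found


# Constructed subset of the report's imports, in the report's DLL order.
SAMPLE_IMPORTS = {
    "wsock32": ["recv", "send", "socket", "connect", "bind", "listen", "accept", "gethostbyname"],
    "mpr": ["WNetUseConnectionW", "WNetAddConnection2W"],
    "kernel32": ["OpenProcess", "WriteProcessMemory", "ReadProcessMemory",
                 "SetSystemPowerState", "CreateProcessW", "CopyFileW"],
    "user32": ["GetClipboardData", "SetClipboardData", "AttachThreadInput", "mouse_event",
               "ExitWindowsEx", "GetKeyboardState", "keybd_event", "GetAsyncKeyState"],
    "advapi32": ["RegSetValueExW", "RegCreateKeyExW", "OpenSCManagerW", "LockServiceDatabase",
                 "AdjustTokenPrivileges", "LookupPrivilegeValueW", "OpenProcessToken"],
    "ole32": ["CoInitializeSecurity", "CoCreateInstanceEx", "CoSetProxyBlanket"],
}

if __name__ == "__main__":
    print("imphash:", imphash(SAMPLE_IMPORTS))
    for name, hits in capabilities(SAMPLE_IMPORTS).items():
        print("%-22s %s" % (name, ", ".join(hits)))
```

The imphash is a pivot for finding builds that share the same import table, not an attribution key: a packer, a different compiler option or a reordered import directory changes it completely, while the capability clusters survive such changes as long as the APIs are still imported by name.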
Sections
Name     Size   Virtual size  Characteristics
.text    349KB  348KB         IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata   47KB   47KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data    9KB    114KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc    89KB   92KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.lrdata  76KB   76KB          IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
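Three things in the headers and section table above are worth pulling out explicitly: the only DLL characteristic set is TERMINAL_SERVER_AWARE, so the image does not opt into ASLR (DYNAMIC_BASE) or DEP (NX_COMPAT); IMAGE_FILE_RELOCS_STRIPPED means it could not be rebased even if ASLR were forced; and both .text and .lrdata are marked CNT_CODE, EXECUTE and WRITE, so the file carries two writable-and-executable code sections. The script below is an added example, not code from the sandbox or the report: it decodes exactly these flags from a raw PE header using only the standard library and reports W+X sections and missing mitigations. SAMPLE_PE is a header-only PE32 image constructed to carry the flags and section table listed on this page; it is not the analysed file, and the sizes are the page's kilobyte figures rounded to whole KB.

```python
"""Decode PE file/DLL characteristics and section flags from raw bytes.

Added example, not part of the sandbox report. SAMPLE_PE is a header-only
PE32 image constructed with the flags and section table the report lists;
it is not the analysed file. Standard library only.
"""
import struct

# Flag values from winnt.h
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_LINE_NUMS_STRIPPED = 0x0004
IMAGE_FILE_LOCAL_SYMS_STRIPPED = 0x0008
IMAGE_FILE_32BIT_MACHINE = 0x0100
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000

SECTION_FMT = "<8sIIIIIIHHI"  # IMAGE_SECTION_HEADER, 40 bytes


def parse_pe(data):
    """Return machine, COFF characteristics, DllCharacteristics and section headers."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # DllCharacteristics is at offset 70 in both the PE32 and the PE32+ optional header
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    sections = []
    for i in range(nsec):
        f = struct.unpack_from(SECTION_FMT, data, opt + opt_size + 40 * i)
        sections.append({"name": f[0].rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": f[1], "raw_size": f[3], "characteristics": f[9]})
    return {"machine": machine, "file_characteristics": file_chars,
            "dll_characteristics": dll_chars, "sections": sections}


def writable_executable_sections(pe):
    """Names of sections mapped both writable and executable (W+X)."""
    wx = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE
    return [s["name"] for s in pe["sections"] if s["characteristics"] & wx == wx]


def missing_mitigations(pe):
    """Loader mitigations the image does not opt into, in check order."""
    out = []
    if not pe["dll_characteristics"] & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE:
        out.append("DYNAMIC_BASE")     # no ASLR opt-in: loads at its preferred base
    if pe["file_characteristics"] & IMAGE_FILE_RELOCS_STRIPPED:
        out.append("RELOCS_STRIPPED")  # cannot be rebased even if ASLR were forced
    if not pe["dll_characteristics"] & IMAGE_DLLCHARACTERISTICS_NX_COMPAT:
        out.append("NX_COMPAT")        # no DEP opt-in
    return out


def build_sample_pe(file_chars, dll_chars, sections):
    """Construct a header-only PE32 image (test fixture; carries no code or data)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)            # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, file_chars)
    opt = bytearray(224)                               # PE32 optional header size
    struct.pack_into("<H", opt, 0, 0x10B)              # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)
    hdrs, rva = b"", 0x1000
    for name, vsize, raw, chars in sections:
        hdrs += struct.pack(SECTION_FMT, name.encode(), vsize, rva, raw, 0, 0, 0, 0, 0, chars)
        rva += (vsize + 0xFFF) & ~0xFFF                # next section-aligned RVA
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + hdrs


KB = 1024
CODE_RWX = IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
DATA_RW = IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
DATA_R = IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
# Constructed fixture mirroring the report's flags and section table (name, vsize, raw, flags)
SAMPLE_PE = build_sample_pe(
    IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_LINE_NUMS_STRIPPED
    | IMAGE_FILE_LOCAL_SYMS_STRIPPED | IMAGE_FILE_32BIT_MACHINE,
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE,
    [(".text", 348 * KB, 349 * KB, CODE_RWX), (".rdata", 47 * KB, 47 * KB, DATA_RW),
     (".data", 114 * KB, 9 * KB, DATA_RW), (".rsrc", 92 * KB, 89 * KB, DATA_R),
     (".lrdata", 76 * KB, 76 * KB, CODE_RWX)])

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_PE
    pe = parse_pe(data)
    for s in pe["sections"]:
        print("%-8s vsize=%-7d raw=%-7d flags=0x%08x" % (
            s["name"], s["virtual_size"], s["raw_size"], s["characteristics"]))
    print("W+X sections:", writable_executable_sections(pe))
    print("missing mitigations:", missing_mitigations(pe))
```

Run it with a file path to check a real binary; without arguments it runs against the constructed fixture. A .data section whose virtual size (114KB) exceeds its raw size (9KB) is ordinary zero-filled uninitialised data, so it is reported but not flagged; a code section that is also writable, as both code sections are here, is the finding a reviewer would act on, since it lets the image patch its own instructions at run time.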