0215e59fef5dc68899be7b1015e570284451a2af420e7b5bc530ad0a99d83762

Sharing

Copy URL Twitter E-mail

General

Target

0215e59fef5dc68899be7b1015e570284451a2af420e7b5bc530ad0a99d83762
Size

1.5MB
MD5

45a564ea62b043ad2b40d61361a8abb2
SHA1

ab92f5b5d373a02387102dbec74de04d634b7aee
SHA256

0215e59fef5dc68899be7b1015e570284451a2af420e7b5bc530ad0a99d83762
SHA512

6ba5cf8a62007587f7f58e14ad543b4e4444d1d964753d2604693c69ad58b135b98470e3568bbb6c32262b09a1c5b31dd9b51f5ee0b212dea6f18809c83b9f8a
SSDEEP

24576:ReaOelJo5w2cBAg1cDesV40kg9xRZxq4z0VaZNMXdW3MuV5MzAXB+ZudvkwWHFvR:Q5Qv7gz4HUV5P+Zu9kZGTHREgf2Xmo+y

Score

N/A

Malware Config

Signatures

Files

0215e59fef5dc68899be7b1015e570284451a2af420e7b5bc530ad0a99d83762
.exe windows x86

3cb0941009e746f75c82bd482110cc8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
MulDiv
lstrcmpW
Sleep
SetEvent
CreateEventW
WaitForSingleObject
ExitProcess
CreateToolhelp32Snapshot
Process32FirstW
TerminateProcess
Process32NextW
GetFileAttributesW
GetWindowsDirectoryW
SetFileTime
SetFileAttributesW
FormatMessageW
LocalAlloc
GetLogicalDriveStringsA
GetVersion
GetSystemDirectoryA
GetDriveTypeA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetExitCodeProcess
GetPrivateProfileStringW
GetModuleHandleA
GetSystemDefaultLangID
GetFileType
SystemTimeToFileTime
GetCurrentDirectoryW
DosDateTimeToFileTime
DeviceIoControl
CloseHandle
GetCurrentProcessId
HeapDestroy
HeapAlloc
HeapFree
FlushInstructionCache
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
GetCurrentThreadId
GetSystemTime
GlobalMemoryStatusEx
CreateThread
OpenProcess
CreateMutexW
WideCharToMultiByte
MultiByteToWideChar
LocalFree
WritePrivateProfileStringW
GetCurrentProcess
GetVersionExW
RemoveDirectoryW
lstrcpyW
GetFullPathNameW
SetLastError
FindClose
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
QueryPerformanceCounter
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
GetModuleFileNameA
GetStdHandle
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TlsFree
DeleteAtom
FindAtomW
TlsAlloc
ReleaseMutex
FindNextFileW
FindFirstFileW
MoveFileExW
GetTickCount
DeleteFileW
GetLastError
CreateDirectoryW
GetSystemDirectoryW
ExpandEnvironmentStringsW
GetTempPathW
OutputDebugStringW
WriteFile
CreateFileA
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenW
InterlockedExchange
RaiseException
VirtualAlloc
ReadFile
VirtualFree
SetFilePointer
GetFileSize
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
CreateProcessW
LoadLibraryW
GetModuleFileNameW
GetModuleHandleW
AddAtomW
OpenThread
HeapReAlloc
GetAtomNameW
TlsSetValue
TlsGetValue
GetFileSizeEx
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
lstrlenA
FlushFileBuffers
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
CreateFileW

user32

GetWindowTextW
PtInRect
SetWindowPos
SetWindowLongW
GetWindowLongW
GetWindowRect
SendMessageW
IsWindow
SetTimer
PostMessageW
PostQuitMessage
ShowWindow
CharUpperBuffW
CallWindowProcW
GetDesktopWindow
GetSystemMetrics
GetWindowThreadProcessId
GetMessageW
TranslateMessage
DispatchMessageW
RegisterClassExW
GetClassInfoExW
LoadCursorW
DefWindowProcW
DestroyWindow
GetDlgItem
CreateWindowExW
MapWindowPoints
GetClientRect
SystemParametersInfoW
SetCursor
GetCursorPos
UpdateLayeredWindow
UpdateWindow
GetCapture
TrackMouseEvent
AdjustWindowRectEx
DrawTextW
InflateRect
DrawIconEx
GetIconInfo
WindowFromDC
UnregisterClassA
GetParent
GetMonitorInfoW
MonitorFromWindow
GetWindow
EndDialog
CharNextW
DestroyAcceleratorTable
ReleaseDC
GetDC
ExitWindowsEx
MessageBoxW
GetForegroundWindow
InvalidateRect
UnhookWindowsHookEx
SetWindowsHookExW
FindWindowExW
DialogBoxParamW
ReplyMessage
InSendMessageEx
LoadIconW
GetActiveWindow
SetWindowRgn
IsIconic
PeekMessageW
SetForegroundWindow
FindWindowW
GetKeyState
KillTimer
RegisterWindowMessageW
GetWindowTextLengthW
CallNextHookEx
SetWindowTextW
BeginPaint
EndPaint
IsChild
GetFocus
SetFocus
GetClassNameW
GetSysColor
RedrawWindow
CreateAcceleratorTableW
ClientToScreen
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
FillRect
InvalidateRgn

gdi32

CreateSolidBrush
CreateCompatibleBitmap
GetStockObject
GetDeviceCaps
BitBlt
CreateRoundRectRgn
SelectObject
DeleteObject
CreateDIBSection
CreateCompatibleDC
DeleteDC
SetViewportOrgEx
GetObjectType
GetRandomRgn
GdiAlphaBlend
GetLayout
SetLayout
GetCurrentObject
SetBkMode
LPtoDP
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
GetTextExtentPoint32W
CreateFontIndirectW
SelectClipRgn
CreateRectRgn
CombineRgn
OffsetRgn
GetRgnBox
CreateRectRgnIndirect
RectVisible
SaveDC
IntersectClipRect
RestoreDC
GetObjectW

advapi32

RegQueryValueExA
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegCreateKeyA
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegEnumKeyExW
RegOpenKeyExW

shell32

SHFileOperationW
ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

ole32

CLSIDFromProgID
CLSIDFromString
OleInitialize
CoUninitialize
CoGetClassObject
OleLockRunning
StringFromGUID2
OleUninitialize
RegisterDragDrop
RevokeDragDrop
DoDragDrop
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal
CoCreateInstance

oleaut32

VariantCopy
VariantChangeType
SysStringLen
VarBstrCmp
SysFreeString
SysAllocString
VariantClear
VarUI4FromStr
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VariantInit
SysAllocStringLen
VarCmp
CreateDispTypeInfo
CreateStdDispatch

shlwapi

PathFindExtensionW
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW
SHDeleteValueW
SHSetValueA
SHGetValueA
SHDeleteEmptyKeyW
SHDeleteKeyW
StrToIntW
StrStrIW
StrCmpIW
StrStrW
PathIsRootW
PathFileExistsW
SHSetValueW
SHGetValueW

comctl32

InitCommonControlsEx

psapi

GetProcessImageFileNameW
GetModuleFileNameExW
EnumProcessModules

gdiplus

GdiplusShutdown

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Sections

.text
Size: 823KB - Virtual size: 823KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3cb0941009e746f75c82bd482110cc8d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

psapi

gdiplus

version

Sections

.text Size: 823KB - Virtual size: 823KB

.rdata Size: 187KB - Virtual size: 186KB

.data Size: 42KB - Virtual size: 59KB

.rsrc Size: 294KB - Virtual size: 293KB

.reloc Size: 144KB - Virtual size: 144KB

.text
Size: 823KB - Virtual size: 823KB

.rdata
Size: 187KB - Virtual size: 186KB

.data
Size: 42KB - Virtual size: 59KB

.rsrc
Size: 294KB - Virtual size: 293KB

.reloc
Size: 144KB - Virtual size: 144KB