0dbf3097a79d7ab2312732e12b50b6bc96724e1e7290a272e75ecd8c0f4599dc

Sharing

Copy URL Twitter E-mail

General

Target

0dbf3097a79d7ab2312732e12b50b6bc96724e1e7290a272e75ecd8c0f4599dc
Size

1.5MB
MD5

814a4ea3f6a6964a7b174c6bbc727e50
SHA1

c07059bdf88611788873a69a1a9b0075b490b30b
SHA256

0dbf3097a79d7ab2312732e12b50b6bc96724e1e7290a272e75ecd8c0f4599dc
SHA512

ca71fa31ec11d347cbbf1af5d81e59aee60144b1617a624e3a61ac35d5489d41bac22bcb58767dcfa4395f0f581716080855c050ab54451f75613941f01ebc52
SSDEEP

24576:kPlGnPwPszWNBGjZ60qFEBVPzwrXCxeEdfhs3Iijd5T2wU/eKXn+U7Ik4QBb3ysl:8lGnPwPszW2Z4eiIijdtpU/eKXMZm3ym

Score

N/A

Malware Config

Signatures

Files

0dbf3097a79d7ab2312732e12b50b6bc96724e1e7290a272e75ecd8c0f4599dc
.exe windows x64

b14b99b68e4f379e2cb635292e237640

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA

kernel32

lstrlenW
GetTickCount
MulDiv
FlushInstructionCache
GetCurrentProcess
SetLastError
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentProcessId
InitializeCriticalSection
GetCommandLineW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapSetInformation
CreateEventW
CloseHandle
SetEvent
OpenEventW
FindResourceExW
LockResource
GetCurrentThreadId
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
RaiseException
lstrcmpiW
GetModuleHandleW
LoadLibraryW
GetProcAddress
GetModuleHandleA
GetACP
GetSystemDefaultLCID
GetProfileIntA
GetUserDefaultLCID
GetSystemDefaultLangID
DisableThreadLibraryCalls
HeapCreate
ResetEvent
WaitForSingleObject
WaitForMultipleObjects
TryEnterCriticalSection
ResumeThread
SetThreadPriority
CreateThread
GetLocaleInfoW
GetUserDefaultUILanguage
FreeResource
OutputDebugStringA
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
Sleep
InterlockedPushEntrySList
VirtualAlloc
InterlockedPopEntrySList
VirtualFree
GetStringTypeExW
WideCharToMultiByte
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
FreeLibrary
GetLastError

gdi32

BitBlt
CreateDIBSection
GetRegionData
CreateSolidBrush
ExtSelectClipRgn
SetDIBColorTable
GetObjectW
SetStretchBltMode
OffsetRgn
ExtCreateRegion
GetDIBColorTable
StretchBlt
CreateFontIndirectW
GetTextMetricsW
GetTextExtentPointW
GetTextColor
SetBkMode
CreateCompatibleBitmap
CreateBitmap
GetBitmapBits
GetStockObject
Ellipse
SetDCBrushColor
SetROP2
CreateFontW
Polyline
SetLayout
SetWindowExtEx
CreateCompatibleDC
ExtTextOutA
GetCharABCWidthsW
GetCharWidthA
GetCharWidth32A
GetCharWidthW
CreateRectRgnIndirect
CombineRgn
DeleteObject
RestoreDC
DeleteDC
GetDeviceCaps
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
CreateDCW
SelectClipRgn
PatBlt
CreateRectRgn
PtInRegion
CreatePen
SelectObject
MoveToEx
LineTo
SetTextColor
CreateRoundRectRgn
StretchDIBits
GetTextFaceW
GetGlyphIndicesW
GetCurrentObject
GetBkColor
GetGlyphOutlineW
GetOutlineTextMetricsW
GetFontData
TranslateCharsetInfo
GetPixel
GetTextCharsetInfo
GetTextMetricsA
GetObjectA
CreateFontIndirectA
CreateICW
EnumFontFamiliesExW
RealizePalette
SelectPalette
CreatePalette
Escape
GetObjectType
SetBkColor
SetTextAlign
ExtTextOutW
GetOutlineTextMetricsA

user32

SendMessageA
IsWindowUnicode
LoadCursorA
LoadBitmapW
UnregisterClassW
LoadBitmapA
GetKeyboardLayoutList
GetThreadDesktop
GetDoubleClickTime
CharNextW
GetKeyboardLayout
UnregisterClassA
SetCaretBlinkTime
InvertRect
DestroyCaret
MenuItemFromPoint
SetWindowLongW
WindowFromDC
GetSystemMetrics
DeleteMenu
MonitorFromRect
SetMenuItemInfoW
DestroyIcon
GetMessageTime
SetFocus
DestroyCursor
RegisterClassW
GetClassInfoW
CreateCursor
GetDesktopWindow
GetWindowDC
DrawTextW
SystemParametersInfoW
GetParent
DrawFrameControl
InflateRect
GetMessagePos
SendMessageW
GetPropW
TrackMouseEvent
NotifyWinEvent
RemovePropW
SetPropW
ScreenToClient
FrameRect
GetSysColorBrush
FillRect
SetWindowRgn
ValidateRect
GetUpdateRect
GetWindowLongW
EndDeferWindowPos
GetWindowRect
DeferWindowPos
BeginDeferWindowPos
GetSysColor
EqualRect
DrawIconEx
IntersectRect
GetDC
ReleaseDC
CreateWindowExW
GetClassInfoExW
RegisterClassExW
IsChild
GetFocus
BeginPaint
GetClientRect
EndPaint
UnionRect
PtInRect
GetKeyState
IsWindow
DestroyWindow
GetClipboardFormatNameW
CallNextHookEx
GetWindowThreadProcessId
WindowFromPoint
AdjustWindowRectEx
OffsetRect
DestroyMenu
PostQuitMessage
SetMenuDefaultItem
AppendMenuW
GetCursorPos
CreatePopupMenu
KillTimer
SetTimer
LoadIconW
SendInput
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RegisterClipboardFormatW
ClientToScreen
InvalidateRect
RegisterWindowMessageW
SetRectEmpty
UnhookWindowsHookEx
UnhookWinEvent
TrackPopupMenuEx
SetWinEventHook
SetWindowsHookExW
EndMenu
LoadCursorW
SetCursor
IsRectEmpty
CopyRect
CallWindowProcW
GetWindowLongPtrW
DefWindowProcW
SetWindowLongPtrW
CharUpperW
PostThreadMessageW
DispatchMessageW
PeekMessageW
MsgWaitForMultipleObjectsEx
SetProcessDPIAware
GetUserObjectInformationW
ReleaseCapture
ShowWindow
EnumDisplayMonitors
GetMonitorInfoW
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
PostMessageW
SetCapture

msvcrt

_ltow
_ltow_s
_wcsnicmp
_wcslwr_s
wcstol
iswdigit
_wtol
_wcsicmp
_wtoi
memmove
memcpy
_onexit
_lock
__dllonexit
memcmp
__CxxFrameHandler3
ceilf
floorf
_CxxThrowException
ceil
_unlock
_errno
realloc
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_cexit
_exit
_XcptFilter
__wgetmainargs
__C_specific_handler
memset
_callnewh
vswprintf_s
_vscwprintf
wcsncmp
_purecall
calloc
swprintf_s
_resetstkoflw
wcscat_s
wcscpy_s
memmove_s
memcpy_s
wcsncpy_s
free
malloc
sqrtf

ntdll

EtwEventWrite
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
EtwEventRegister
EtwEventUnregister

ole32

CreateStreamOnHGlobal
CoGetClassObject
CoCreateFreeThreadedMarshaler
OleLockRunning
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoInitialize
CoUninitialize
StringFromGUID2
CoCreateInstance
RevokeDragDrop
OleRegEnumVerbs
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
RegisterDragDrop

oleaut32

SysFreeString
SysStringLen
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysStringByteLen
UnRegisterTypeLi
SysAllocStringLen
VarBstrCat
VariantClear
VariantInit
DispCallFunc
SysAllocStringByteLen
SysAllocString
OleCreatePropertyFrame
SafeArrayAccessData
SafeArrayCreateVector
VarBstrCmp
SafeArrayUnaccessData
SafeArrayDestroy

oleacc

LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipCreateFromHWND
GdipSetClipRectI
GdipCreateLineBrushI
GdipCreatePen2
GdipSetPenDashStyle
GdipSetPenDashArray
GdipDrawRectangleI
GdipGetDC
GdipReleaseDC
GdipFillEllipseI
GdipDrawEllipseI
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipAlloc
GdiplusStartup
GdipDeletePen
GdipDrawLineI
GdipSetPenColor
GdipCreatePen1
GdipSetSolidFillColor
GdipFillRectangleI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneBrush
GdipFree
GdipDeleteBrush
GdipCreateSolidFill
GdiplusShutdown

shell32

Shell_NotifyIconW
ShellAboutW

slc

SLGetWindowsInformationDWORD

comctl32

ord8

usp10

ScriptShape
ScriptTextOut
ScriptGetLogicalWidths
ScriptGetProperties
ScriptGetCMap
ScriptFreeCache
ScriptPlace
ScriptItemize

uxtheme

DrawThemeTextEx
IsThemeActive
CloseThemeData
GetThemeBackgroundRegion
DrawThemeBackground
GetThemeMargins
GetThemePartSize
GetThemeColor
DrawThemeText
DrawThemeIcon
DrawThemeEdge
OpenThemeData

msimg32

TransparentBlt
GradientFill
AlphaBlend

dwmapi

DwmIsCompositionEnabled
DwmEnableBlurBehindWindow

Exports

Exports

?REExtendedRegisterClass@@YAHXZ

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 383KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b14b99b68e4f379e2cb635292e237640

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

ntdll

ole32

oleaut32

oleacc

gdiplus

shell32

slc

comctl32

usp10

uxtheme

msimg32

dwmapi

Exports

Exports

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.data Size: 46KB - Virtual size: 51KB

.pdata Size: 35KB - Virtual size: 35KB

.rsrc Size: 383KB - Virtual size: 382KB

.reloc Size: 29KB - Virtual size: 29KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 46KB - Virtual size: 51KB

.pdata
Size: 35KB - Virtual size: 35KB

.rsrc
Size: 383KB - Virtual size: 382KB

.reloc
Size: 29KB - Virtual size: 29KB