570e90298145ef4b139ddc5daeaa7baf7f4242e3b7bc26501a7047d0c9202298

Sharing

Copy URL Twitter E-mail

General

Target

570e90298145ef4b139ddc5daeaa7baf7f4242e3b7bc26501a7047d0c9202298
Size

733KB
MD5

904d266a3678239db7ae433f81c237b0
SHA1

6fd4845689b94d03151d7851e18aae04f199c04d
SHA256

570e90298145ef4b139ddc5daeaa7baf7f4242e3b7bc26501a7047d0c9202298
SHA512

9b11ec486135e2615b47a80dda84cc02658471e3adda69601912c958854b43fcd3b759bc2924572b12709cf24960d6dcb38add65a34be04d69008ee673fbb84a
SSDEEP

12288:pLqBtOZlxdBqHv89X6iYgLyRQbeuwFlyA2Mp+LIAk8IklY3uM6Poig8kvkSqxBE:pn8Q02jbepFlyK+LIAFIp3uMEcbYxq

Score

N/A

Malware Config

Signatures

Files

570e90298145ef4b139ddc5daeaa7baf7f4242e3b7bc26501a7047d0c9202298
.exe windows x86

ce2e52b4bf6130943bf0178305ddc96a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

StartServiceW
ChangeServiceConfigW
OpenServiceW
OpenSCManagerW
CloseServiceHandle

kernel32

GetModuleFileNameW
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
Sleep
MultiByteToWideChar
lstrlenA
QueryPerformanceCounter
CreateProcessW
QueueUserWorkItem
RegisterWaitForSingleObject
OpenProcess
WaitForSingleObject
UnregisterWaitEx
CreateEventW
QueryFullProcessImageNameW
GetProcAddress
FreeLibrary
InterlockedCompareExchange
LoadLibraryA
lstrcmpW
lstrlenW
GlobalLock
GlobalUnlock
FindResourceW
GlobalAlloc
LoadResource
LockResource
GlobalHandle
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
FlushInstructionCache
RaiseException
GetCurrentThreadId
DelayLoadFailureHook
GetVersionExA
InterlockedExchange
GlobalFree
GetLastError
HeapSetInformation
CloseHandle
MulDiv
ExpandEnvironmentStringsW
LoadLibraryExW
OutputDebugStringA
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetModuleHandleA
CreateMutexW
SetLastError
SetUnhandledExceptionFilter
GetStartupInfoW
VirtualAlloc
HeapFree
GetProcessHeap
HeapAlloc
VirtualFree

gdi32

SetWindowOrgEx
CreateFontW
SetBkColor
OffsetWindowOrgEx
CreateFontIndirectW
SetBkMode
SetTextColor
GetTextMetricsW
GetStockObject
GetObjectW
GetDeviceCaps
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
Polygon

user32

CreateDialogIndirectParamW
PostQuitMessage
GetDoubleClickTime
GetDlgCtrlID
DestroyIcon
SetTimer
LoadIconW
GetMonitorInfoW
MonitorFromPoint
EnumChildWindows
EnableMenuItem
CheckMenuItem
GetMenuItemInfoW
GetSubMenu
InsertMenuItemW
DeleteMenu
SetMenuItemInfoW
KillTimer
EndDialog
GetMenu
EnableWindow
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetScrollPos
SetScrollInfo
CopyIcon
LoadStringW
GetWindowThreadProcessId
IsWindowVisible
GetClassLongW
GetActiveWindow
SetProcessDPIAware
PostMessageW
SetForegroundWindow
FindWindowW
BringWindowToTop
DefWindowProcW
DestroyWindow
CreateWindowExW
CallWindowProcW
SetWindowContextHelpId
SetDlgItemTextW
ShowWindow
LoadImageW
PrivateExtractIconsW
SetRect
FrameRect
IsWindowEnabled
PtInRect
SetCursor
OffsetRect
DrawFocusRect
DrawEdge
SystemParametersInfoW
DrawTextW
UnregisterClassA
ValidateRect
UpdateWindow
GetWindowRect
MapDialogRect
GetSysColorBrush
CopyRect
MapWindowPoints
InflateRect
GetDlgItem
SendMessageW
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
ScreenToClient
ClientToScreen
MoveWindow
CreateAcceleratorTableW
GetDC
ReleaseDC
GetDesktopWindow
CharNextW
GetParent
GetClassNameW
SetWindowPos
RedrawWindow
IsWindow
GetClientRect
BeginPaint
FillRect
EndPaint
IsChild
SetFocus
GetFocus
GetWindow
GetSysColor
DestroyAcceleratorTable
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RegisterWindowMessageW
GetClassInfoExW
LoadCursorW
RegisterClassExW
DialogBoxIndirectParamW
GetWindowLongW
SetWindowLongW
SendDlgItemMessageW

msvcrt

_onexit
_lock
__dllonexit
_unlock
_except_handler4_common
_errno
realloc
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_controlfp
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
memmove_s
_isnan
_vsnwprintf
calloc
_ftol2_sse
_purecall
memcpy
swprintf_s
??_U@YAPAXI@Z
free
__CxxFrameHandler3
malloc
memcpy_s
_CxxThrowException
??2@YAPAXI@Z
_wcsicmp
_wtoi
??_V@YAXPAX@Z
??3@YAXPAX@Z
_adjust_fdiv
memset

comctl32

ord17

ole32

OleUninitialize
CreateStreamOnHGlobal
OleInitialize
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
OleLockRunning
CoCreateGuid
PropVariantClear
CoTaskMemFree
CoInitialize

oleaut32

SysFreeString
SysAllocStringLen
SysStringLen
SysAllocString
VariantInit
VariantClear
SysStringByteLen
OleCreateFontIndirect
VarBstrCmp
LoadRegTypeLi
LoadTypeLi

shlwapi

ord487
PathFindFileNameW
PathParseIconLocationW
StrTrimW
ord348
PathFindExtensionW

shell32

SHGetFileInfoW
SHAppBarMessage
CommandLineToArgvW

gdiplus

GdiplusStartup
GdiplusShutdown
GdipDeletePath
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdipCreateLineBrush
GdipAlloc
GdipFree
GdipCloneBrush
GdipDeleteBrush
GdipFillPath
GdipFillRectangle
GdipDrawLine
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateSolidFill
GdipAddPathLine

dwmapi

DwmSetWindowAttribute

uxtheme

GetThemeColor
OpenThemeData
BufferedPaintInit
EndBufferedPaint
BufferedPaintSetAlpha
BeginBufferedPaint
DrawThemeBackground
BufferedPaintUnInit
CloseThemeData

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp1
Size: 540KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ce2e52b4bf6130943bf0178305ddc96a

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

comctl32

ole32

oleaut32

shlwapi

shell32

gdiplus

dwmapi

uxtheme

Sections

.text Size: 142KB - Virtual size: 142KB

.data Size: 1024B - Virtual size: 3KB

.rsrc Size: 42KB - Virtual size: 41KB

.reloc Size: 6KB - Virtual size: 6KB

.vmp1 Size: 540KB - Virtual size: 1.6MB

.text
Size: 142KB - Virtual size: 142KB

.data
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 42KB - Virtual size: 41KB

.reloc
Size: 6KB - Virtual size: 6KB

.vmp1
Size: 540KB - Virtual size: 1.6MB