37129b1419cbc1d736bb49ddd3f322ce5f71dceab6fdab384d3c22d361aa8703

Sharing

Copy URL Twitter E-mail

General

Target

37129b1419cbc1d736bb49ddd3f322ce5f71dceab6fdab384d3c22d361aa8703
Size

708KB
MD5

40f82d04a34cf1aa09a12accc65ae610
SHA1

f54e8cb14bc2e370370e1416284e4b9e4577adbe
SHA256

37129b1419cbc1d736bb49ddd3f322ce5f71dceab6fdab384d3c22d361aa8703
SHA512

7b5e9c196fe0b7106e497b87ccf991b8cfb7c825342f14fc2973a8f5b50cc3b5dde34b8fb200b513619a8c59c2bca0762a820f6c9ddb5604ec67993cbd86928d
SSDEEP

12288:1A2XxO0eBizcfRoiSBtwwfcy0OlxLUJVyvaOzsYFqH+8/mr:1XXxtewzcfRoiGtww/0OlOJIiOvF+jO

Score

N/A

Malware Config

Signatures

Files

37129b1419cbc1d736bb49ddd3f322ce5f71dceab6fdab384d3c22d361aa8703
.exe windows x86

690124e71cfdee92f943ad4cc3168f41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_ntoa
gethostbyname
gethostbyaddr
WSAStartup

shlwapi

PathFindFileNameW
PathFindExtensionW

kernel32

GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStdHandle
GetStartupInfoA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualProtect
HeapSize
GetSystemTimeAsFileTime
ExitProcess
HeapReAlloc
RtlUnwind
GetStartupInfoW
SetErrorMode
FlushFileBuffers
ReadFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
GlobalFlags
InterlockedIncrement
lstrcmpiW
InterlockedDecrement
GetTickCount
GlobalFindAtomW
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
GetVersionExA
FreeResource
GlobalAddAtomW
GlobalFree
MulDiv
GlobalUnlock
FormatMessageW
lstrcpynW
lstrlenW
GetCurrentThreadId
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
VirtualAlloc
VirtualFree
HeapAlloc
HeapFree
LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentThread
LocalAlloc
LocalFree
FindFirstFileW
FindClose
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileSectionW
GetCurrentProcess
TerminateProcess
ExpandEnvironmentStringsW
GetModuleHandleW
CreateFileW
WriteFile
SetFilePointer
GetModuleFileNameW
lstrcpyW
GetFileAttributesW
CreateDirectoryW
GetPrivateProfileStringW
GetLogicalDrives
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
WideCharToMultiByte
SetLastError
MultiByteToWideChar
CreateMutexW
GetLastError
ReleaseMutex
CloseHandle
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetFileType

user32

PostThreadMessageW
GetSysColorBrush
LoadCursorW
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
DestroyMenu
RegisterClipboardFormatW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
MessageBoxW
UpdateWindow
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetCursor
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
PostMessageW
PeekMessageW
DispatchMessageW
SetWindowLongW
wsprintfW
GetSysColor
GetSystemMetrics
LoadIconW
EnableWindow
GetClientRect
GetWindowRect
GetSystemMenu
SendMessageW
AppendMenuW
DrawIcon
FindWindowW
GetForegroundWindow
SetForegroundWindow
ShowWindow
UnregisterClassW
IsIconic
GetMenu
GetMessagePos

gdi32

DeleteObject
PtVisible
RectVisible
TextOutW
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
RestoreDC
SaveDC
CreateSolidBrush
GetDeviceCaps
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetObjectW
ExtTextOutW
SetMapMode
Escape

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCloseKey
RegOpenKeyExW
GetUserNameW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
LookupPrivilegeValueW
OpenProcessToken
AdjustTokenPrivileges
RegQueryMultipleValuesW
RegEnumValueW
RegEnumKeyExW
RegRestoreKeyW
RegQueryInfoKeyW
RegSaveKeyW

shell32

ShellExecuteW

comctl32

ord17

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject

oleaut32

VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 440KB - Virtual size: 439KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

690124e71cfdee92f943ad4cc3168f41

Headers

File Characteristics

Imports

ws2_32

shlwapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

Sections

.text Size: 440KB - Virtual size: 439KB

.rdata Size: 108KB - Virtual size: 106KB

.data Size: 56KB - Virtual size: 79KB

.data1 Size: 4KB - Virtual size: 256B

.rsrc Size: 36KB - Virtual size: 32KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 440KB - Virtual size: 439KB

.rdata
Size: 108KB - Virtual size: 106KB

.data
Size: 56KB - Virtual size: 79KB

.data1
Size: 4KB - Virtual size: 256B

.rsrc
Size: 36KB - Virtual size: 32KB

.rmnet
Size: 60KB - Virtual size: 60KB