Static task: static1
Behavioral task: behavioral1
Sample: 08a6c5696962f83ce0819bf7c16b2d55b0ef4b096f323c5d1ba202e97f9e6a49.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 08a6c5696962f83ce0819bf7c16b2d55b0ef4b096f323c5d1ba202e97f9e6a49.exe
Resource: win10v2004-20220812-en
General
Target: 08a6c5696962f83ce0819bf7c16b2d55b0ef4b096f323c5d1ba202e97f9e6a49
Size: 983KB
MD5: 71a9c8ea4e8eb678f2477e94c3fda0c0
SHA1: 60987a1f81f457969c3a36c782ec97b82271d7c1
SHA256: 08a6c5696962f83ce0819bf7c16b2d55b0ef4b096f323c5d1ba202e97f9e6a49
SHA512: 37aecb6c7f19849cc9647a1120ba603cf334464e88b029aab12306c2761d99e3dc1b971d5d9eba10181838fd8f6dc8c27eed9afcbbdfd285d18098c4b02aa05f
SSDEEP: 24576:89B2k6zaiUhuzk1/fPiymk9oJQQTb8pqH6SoJ:8T2Jakz8/fPie9oJQQToUH+J
Malware Config
Signatures
Files
08a6c5696962f83ce0819bf7c16b2d55b0ef4b096f323c5d1ba202e97f9e6a49.exe windows x86
2fd04522da571a38f5f64e9011dbfd35
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateToolhelp32Snapshot
Module32Next
WaitNamedPipeA
ConnectNamedPipe
GetTickCount
WriteFile
DisconnectNamedPipe
CreateNamedPipeA
GetThreadContext
RtlCaptureContext
VirtualQuery
lstrcpynA
SetUnhandledExceptionFilter
SetHandleInformation
GetCurrentThread
IsBadReadPtr
IsBadCodePtr
FileTimeToSystemTime
GetEnvironmentVariableA
GetShortPathNameA
InterlockedExchange
SetFileAttributesA
GetTempFileNameA
GetLocalTime
OpenThread
GlobalMemoryStatusEx
GetSystemInfo
CreatePipe
SetEnvironmentVariableA
GetFileTime
FileTimeToLocalFileTime
GetTempPathA
GetSystemTime
SuspendThread
DeleteFileA
CreateDirectoryA
FindFirstFileA
CopyFileA
FindClose
GetPrivateProfileStringA
FindNextFileA
GetPrivateProfileSectionA
WritePrivateProfileStringA
CreateMutexA
ReleaseMutex
GetVersionExA
Thread32First
OpenProcess
CompareStringW
SetEndOfFile
CreateFileW
WriteConsoleW
SetStdHandle
LoadLibraryW
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
SetHandleCount
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
ExitProcess
HeapCreate
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
RtlUnwind
GetTimeZoneInformation
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
Process32Next
VirtualProtect
CreateThread
ExitThread
DecodePointer
EncodePointer
HeapSize
HeapReAlloc
HeapDestroy
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
SystemTimeToFileTime
UnmapViewOfFile
FileTimeToDosDateTime
SetFilePointer
GetFileInformationByHandle
GetFileType
Process32First
LocalFree
GetCurrentProcessId
LocalSize
LocalAlloc
FormatMessageA
DeleteCriticalSection
LoadLibraryExA
GetModuleFileNameA
LoadLibraryA
lstrcmpiA
lstrlenW
IsDBCSLeadByte
TerminateProcess
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
FreeLibrary
FindResourceA
lstrcpyA
ResumeThread
GetVersion
CloseHandle
GetCurrentThreadId
GetCurrentDirectoryA
GetModuleHandleA
LockResource
ResetEvent
GlobalFree
EnterCriticalSection
GetProcAddress
SetLastError
GetLastError
RaiseException
FlushInstructionCache
GlobalUnlock
MultiByteToWideChar
CreateFileA
ReadFile
CreateProcessA
MulDiv
LeaveCriticalSection
CreateEventA
SizeofResource
Sleep
WideCharToMultiByte
GlobalAlloc
InitializeCriticalSection
SetEvent
WaitForSingleObject
GlobalLock
GetCurrentProcess
LoadResource
FindResourceW
FindResourceExW
lstrlenA
GetSystemPowerStatus
HeapFree
GetProcessHeap
HeapAlloc
FlushFileBuffers
GetFileAttributesA
GetSystemDefaultLCID
GetSystemDefaultUILanguage
GetSystemDefaultLangID
Module32First
GetModuleHandleW
Thread32Next
GetFileSize
QueryPerformanceCounter
user32
CopyRect
DrawFrameControl
GetDlgCtrlID
LoadCursorA
CallWindowProcA
MapWindowPoints
IsWindowVisible
ReleaseCapture
EqualRect
IsWindow
ShowWindow
SetWindowPos
GetSysColor
GetDesktopWindow
DefWindowProcA
GetDlgItem
MonitorFromWindow
LoadImageA
CreateWindowExA
GetWindowLongA
InvalidateRect
CopyImage
SetWindowLongA
SetRect
GetWindowTextA
OffsetRect
GetForegroundWindow
InflateRect
GetDC
GetMonitorInfoA
PtInRect
BeginPaint
SendMessageA
SetFocus
GetClientRect
IsWindowEnabled
LoadIconA
GetParent
DrawIconEx
GetKeyState
DrawTextA
LoadStringA
GetKeyboardLayout
KillTimer
SetCapture
GetClassInfoExA
FillRect
PostQuitMessage
RegisterClassExA
UnregisterClassA
GetWindow
MoveWindow
MessageBoxA
ReleaseDC
SetForegroundWindow
BringWindowToTop
GetSystemMetrics
GetWindowThreadProcessId
GetMessageA
CharNextA
TranslateMessage
PeekMessageA
GetActiveWindow
DispatchMessageA
EndPaint
ClientToScreen
DestroyWindow
SetCursor
SetWindowRgn
SetTimer
GetWindowRect
gdi32
GetClipRgn
MoveToEx
BitBlt
GetTextExtentPoint32A
LineTo
SetTextColor
DeleteDC
CreateDIBSection
Rectangle
StretchBlt
CreateFontIndirectA
SetBkColor
CreateBitmap
SetBkMode
DeleteObject
SelectObject
SelectClipRgn
SetRectRgn
CreateCompatibleDC
CreateRectRgnIndirect
CombineRgn
RectInRegion
CreateCompatibleBitmap
OffsetRgn
SaveDC
CreateRectRgn
CreatePen
RoundRect
GetPixel
GetObjectA
GetStockObject
ExtTextOutA
RestoreDC
CreateSolidBrush
TextOutA
SetDIBColorTable
GetDeviceCaps
advapi32
RegOpenKeyA
RegSetValueExA
RegQueryValueExA
LookupAccountSidA
GetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyW
RegQueryInfoKeyA
shell32
SHGetSpecialFolderPathA
ShellExecuteA
ole32
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CreateStreamOnHGlobal
oleaut32
VarUI4FromStr
SafeArrayGetUBound
SafeArrayGetElement
VariantChangeType
VariantInit
SafeArrayDestroy
VariantCopy
VariantClear
SafeArrayGetLBound
SysAllocString
SysFreeString
OleLoadPicture
shlwapi
PathAddBackslashA
SHGetValueA
SHSetValueA
StrToIntA
PathAppendA
PathFindExtensionW
PathFindExtensionA
PathStripPathA
PathFileExistsA
PathRemoveFileSpecA
comctl32
_TrackMouseEvent
gdiplus
GdipDeleteGraphics
GdipDrawImageRectRectI
GdipGetImageHeight
GdipDrawImageRectI
GdipDisposeImageAttributes
GdiplusShutdown
GdipLoadImageFromStream
GdipCloneImage
GdipBitmapLockBits
GdipSaveImageToFile
GdipGetImagePaletteSize
GdipGetImageEncoders
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipAlloc
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImagePalette
GdipSetImageAttributesColorKeys
GdipCreateImageAttributes
GdipCreateFromHDC
GdipFree
GdiplusStartup
GdipGetImageWidth
wininet
InternetAttemptConnect
HttpOpenRequestA
HttpAddRequestHeadersA
InternetSetCookieA
HttpSendRequestA
HttpSendRequestExA
InternetConnectA
HttpEndRequestA
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetWriteFile
InternetReadFile
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
dbghelp
SymFunctionTableAccess64
SymSetOptions
SymGetModuleBase64
SymCleanup
SymInitialize
StackWalk64
SymFromAddr
SearchTreeForFile
SymGetLineFromAddr64
psapi
GetProcessMemoryInfo
imm32
ImmIsIME
ImmGetDescriptionA
Sections
.text Size: 622KB - Virtual size: 622KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 137KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ