Static task
static1
Behavioral task
behavioral1
Sample
762275a4117a60ee93fa3aef703574148d8e93a4162827a20357d342f6542d8d.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
762275a4117a60ee93fa3aef703574148d8e93a4162827a20357d342f6542d8d.exe
Resource
win10v2004-20220812-en
General
Target
762275a4117a60ee93fa3aef703574148d8e93a4162827a20357d342f6542d8d
Size
173KB
MD5
1883ef5250b544e7ae756ebf3d78582b
SHA1
843bf04395b2cb3f014ca01a35e88aabe17facc0
SHA256
762275a4117a60ee93fa3aef703574148d8e93a4162827a20357d342f6542d8d
SHA512
f81da14c10f06636feb566c3045a93db05d0771604a507ca75d49bed8210d4061627845868595971deb30909c76cdabc1169cb51940d4f748b98a43fbf70a069
SSDEEP
3072:eZ7PO1ZFbzAjbnr8DXQv+ajQuu7AIzofjEFMGaqch6P9fUPhf8nm76L9kl:8O1ZFHAfoDX2+ajKAIGzGOAP+JUnJ9k
Malware Config
Signatures
Files
762275a4117a60ee93fa3aef703574148d8e93a4162827a20357d342f6542d8d.exe windows x86
9e17b6f782d7e9e6f471724a2b6889f4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathIsNetworkPathA
StrCatBuffW
PathIsDirectoryW
UrlHashW
StrRetToStrA
StrCatW
PathRemoveFileSpecW
SHDeleteEmptyKeyA
SHSetValueW
StrStrW
StrRChrW
StrToIntExW
PathCompactPathW
SHRegEnumUSValueA
StrChrIW
SHDeleteValueA
PathCombineW
PathAddBackslashW
SHRegGetUSValueW
UrlCanonicalizeA
StrFormatByteSizeA
PathFindOnPathW
PathGetCharTypeA
PathIsSameRootA
StrCpyNW
PathIsRelativeW
PathSearchAndQualifyA
UrlIsNoHistoryA
PathGetArgsA
UrlHashA
SHRegWriteUSValueW
SHRegCloseUSKey
PathFindFileNameA
UrlUnescapeW
UrlUnescapeA
StrCpyW
wvnsprintfW
StrFormatByteSizeW
SHRegGetBoolUSValueW
PathGetDriveNumberA
PathQuoteSpacesA
UrlGetLocationW
SHRegOpenUSKeyW
StrSpnW
ColorAdjustLuma
StrFromTimeIntervalW
PathStripToRootA
PathFindOnPathA
PathAppendA
UrlGetLocationA
StrNCatA
wnsprintfW
PathUnmakeSystemFolderW
StrSpnA
GetMenuPosFromID
SHRegCreateUSKeyW
PathMatchSpecA
PathRenameExtensionW
SHGetInverseCMAP
PathStripToRootW
PathIsLFNFileSpecA
PathGetArgsW
PathBuildRootW
PathMatchSpecW
PathAddExtensionA
PathRemoveFileSpecA
PathFindSuffixArrayW
PathIsPrefixW
PathIsDirectoryA
HashData
PathCompactPathExA
SHRegDuplicateHKey
UrlCreateFromPathA
PathCompactPathA
IntlStrEqWorkerW
PathIsUNCServerShareW
PathIsRootA
StrCatBuffA
StrRStrIA
PathIsUNCW
PathIsSameRootW
PathCompactPathExW
PathFindNextComponentA
AssocQueryKeyW
PathIsDirectoryEmptyA
PathCreateFromUrlA
StrFormatByteSize64A
PathGetCharTypeW
PathBuildRootA
PathFindNextComponentW
PathGetDriveNumberW
SHRegQueryInfoUSKeyA
SHRegEnumUSKeyW
ChrCmpIA
SHRegGetUSValueA
PathSearchAndQualifyW
SHCreateShellPalette
SHSkipJunction
UrlIsNoHistoryW
PathMakePrettyA
SHRegEnumUSKeyA
PathMakeSystemFolderA
StrRetToBufW
PathRelativePathToA
SHSetValueA
PathUndecorateA
SHGetValueW
StrDupW
UrlIsW
PathIsContentTypeW
PathFindExtensionA
ColorHLSToRGB
UrlEscapeA
PathSkipRootW
ole32
ReadOleStg
WriteFmtUserTypeStg
OleGetIconOfFile
CoTreatAsClass
CoRegisterSurrogate
CoResumeClassObjects
CoFileTimeToDosDateTime
OleSetContainedObject
WriteClassStg
OleGetIconOfClass
OleDoAutoConvert
CreateOleAdviseHolder
OleSaveToStream
CoImpersonateClient
UtConvertDvtd16toDvtd32
IIDFromString
CoGetInstanceFromFile
CoGetPSClsid
CoGetMarshalSizeMax
CoTaskMemAlloc
OleIsRunning
OleConvertIStorageToOLESTREAM
OleCreateEx
OleDuplicateData
CoReleaseServerProcess
CoGetCallerTID
CoQueryAuthenticationServices
CoFileTimeNow
OleRegEnumVerbs
CoSwitchCallContext
CreateDataAdviseHolder
CoInitializeSecurity
StringFromGUID2
FreePropVariantArray
GetDocumentBitStg
PropVariantCopy
CoUnmarshalHresult
OleRegEnumFormatEtc
CreateStreamOnHGlobal
CoRevokeClassObject
OleCreateFromData
StgIsStorageILockBytes
OleCreateStaticFromData
CoReleaseMarshalData
CoMarshalInterThreadInterfaceInStream
RegisterDragDrop
PropVariantClear
OleLockRunning
IsEqualGUID
DoDragDrop
CoRevertToSelf
CoQueryClientBlanket
CoFreeUnusedLibraries
CoGetObject
CoDisconnectObject
UtGetDvtd32Info
CoInitialize
CoGetInterfaceAndReleaseStream
CoSetProxyBlanket
DllDebugObjectRPCHook
ReadStringStream
CoTaskMemFree
CoCreateInstance
OleDestroyMenuDescriptor
OleRegGetUserType
CoIsOle1Class
WriteStringStream
CoGetCallContext
CoUninitialize
CreateILockBytesOnHGlobal
OleCreateMenuDescriptor
OleGetClipboard
CoGetTreatAsClass
CoRegisterChannelHook
CreateClassMoniker
OleRun
RevokeDragDrop
CoIsHandlerConnected
CoRegisterMallocSpy
CoRevokeMallocSpy
CoInitializeEx
OleCreate
UpdateDCOMSettings
OleIsCurrentClipboard
OleCreateLinkToFile
CoQueryReleaseObject
OleLoadFromStream
OleTranslateAccelerator
StgOpenStorageOnILockBytes
CreateItemMoniker
CoGetCurrentProcess
StringFromIID
GetClassFile
CoLoadLibrary
OleQueryCreateFromData
SetConvertStg
OleGetAutoConvert
WriteClassStm
OleSetMenuDescriptor
CoGetStandardMarshal
OleMetafilePictFromIconAndLabel
OleDraw
OleCreateLink
MonikerCommonPrefixWith
CoBuildVersion
ReleaseStgMedium
StgOpenAsyncDocfileOnIFillLockBytes
GetHookInterface
CreateDataCache
CoMarshalInterface
advapi32
BuildTrusteeWithSidA
AdjustTokenPrivileges
CryptSetKeyParam
RegDeleteKeyA
LogonUserA
CryptReleaseContext
InitializeAcl
RegEnumValueW
GetCurrentHwProfileW
CryptEnumProvidersA
BuildImpersonateTrusteeW
SetEntriesInAclW
GetServiceDisplayNameW
RegisterServiceCtrlHandlerA
OpenServiceA
SetEntriesInAccessListW
CryptDecrypt
CryptAcquireContextW
RegGetKeySecurity
CreateServiceA
RegQueryValueA
TrusteeAccessToObjectW
SetSecurityInfoExW
AddAccessDeniedAce
GetMultipleTrusteeA
CryptGetUserKey
ReportEventW
RegSetValueExW
ControlService
RegisterEventSourceW
ReportEventA
RegSetValueExA
QueryServiceLockStatusA
CryptCreateHash
AddAce
GetKernelObjectSecurity
GetSecurityInfo
MapGenericMask
SetEntriesInAclA
AllocateLocallyUniqueId
EnumServicesStatusW
RegConnectRegistryW
SetNamedSecurityInfoA
LookupAccountNameW
GetSidSubAuthorityCount
ReadEventLogA
AdjustTokenGroups
GetCurrentHwProfileA
RegQueryMultipleValuesW
ConvertSecurityDescriptorToAccessNamedW
BuildExplicitAccessWithNameA
RegReplaceKeyA
EqualPrefixSid
EnumDependentServicesW
LookupAccountSidA
OpenSCManagerA
NotifyChangeEventLog
SetKernelObjectSecurity
LookupAccountNameA
InitializeSecurityDescriptor
CryptEnumProviderTypesA
BuildImpersonateExplicitAccessWithNameW
GetMultipleTrusteeOperationA
GetServiceDisplayNameA
GetEffectiveRightsFromAclA
CryptEncrypt
ChangeServiceConfigW
OpenBackupEventLogA
StartServiceA
RegOpenKeyW
RegUnLoadKeyA
LookupPrivilegeDisplayNameA
BuildTrusteeWithSidW
RegSetKeySecurity
LookupAccountSidW
ChangeServiceConfigA
StartServiceCtrlDispatcherW
CryptImportKey
CryptGetKeyParam
CryptSetProviderW
GetSidSubAuthority
OpenSCManagerW
GetPrivateObjectSecurity
GetOverlappedAccessResults
UnlockServiceDatabase
IsValidAcl
RegisterServiceCtrlHandlerW
AreAllAccessesGranted
RegOpenKeyExW
BuildTrusteeWithNameW
GetTrusteeNameA
CopySid
AccessCheckAndAuditAlarmW
GetServiceKeyNameA
GetAuditedPermissionsFromAclW
GetAce
AccessCheck
GetSecurityDescriptorGroup
GetNamedSecurityInfoW
SetNamedSecurityInfoW
RegEnumValueA
ObjectOpenAuditAlarmA
CryptSignHashA
CreatePrivateObjectSecurity
DeregisterEventSource
PrivilegedServiceAuditAlarmW
GetExplicitEntriesFromAclA
GetNumberOfEventLogRecords
OpenBackupEventLogW
CryptGetDefaultProviderA
SetServiceObjectSecurity
CryptEnumProviderTypesW
GetEffectiveRightsFromAclW
GetSecurityDescriptorDacl
IsValidSid
GetAuditedPermissionsFromAclA
CreateProcessAsUserW
MakeSelfRelativeSD
user32
ChangeMenuA
CloseWindow
InflateRect
CharUpperBuffW
DefMDIChildProcA
DdeDisconnectList
MapVirtualKeyA
GetMenuItemID
GetClipboardOwner
FindWindowExW
CreateIconFromResourceEx
GetMenuStringA
LoadMenuW
CheckDlgButton
DlgDirListComboBoxW
RegisterWindowMessageA
GetWindowTextLengthA
CharUpperBuffA
DdeQueryNextServer
CharLowerA
GetMenuCheckMarkDimensions
DdeAccessData
IsMenu
GetDlgCtrlID
DdeAbandonTransaction
IsCharUpperW
InSendMessageEx
GetAltTabInfo
GetDoubleClickTime
GetShellWindow
GetWindowModuleFileNameA
ShowOwnedPopups
DdeGetData
SetThreadDesktop
MapVirtualKeyExA
FindWindowW
DefWindowProcA
IsWindowVisible
SetMenuInfo
LoadImageW
InvalidateRect
LoadCursorA
MessageBeep
GetDCEx
SetCursor
DdeUninitialize
GetSysColor
DrawIconEx
DrawCaption
MonitorFromRect
SendMessageTimeoutW
GetMenuInfo
CharToOemBuffA
TranslateAcceleratorA
DialogBoxParamA
EndTask
BringWindowToTop
DestroyAcceleratorTable
GetCursorInfo
PostMessageW
GetKeyboardLayoutNameW
GetMenuItemInfoW
GetWindow
SwitchDesktop
GetUserObjectInformationA
SetCaretBlinkTime
ClipCursor
SetSysColors
ChangeDisplaySettingsA
GetUserObjectInformationW
DrawIcon
PackDDElParam
DragObject
GetClassWord
CreateAcceleratorTableA
CreateWindowExA
GetClipboardFormatNameA
GetGuiResources
GetMessageTime
ShowScrollBar
GetMenuContextHelpId
OemToCharBuffW
DrawAnimatedRects
DrawEdge
RegisterWindowMessageW
DdeImpersonateClient
InSendMessage
EnumChildWindows
DrawTextW
AnimateWindow
MapDialogRect
GetMenuStringW
SetUserObjectInformationW
LoadImageA
DdeCreateStringHandleW
DestroyWindow
MapVirtualKeyW
GetDlgItemTextW
OpenIcon
DispatchMessageW
CreateDesktopA
GetListBoxInfo
SetUserObjectSecurity
ChildWindowFromPoint
OpenWindowStationW
SetClipboardViewer
SetClassWord
GetOpenClipboardWindow
EnumDisplayMonitors
EnumWindows
LoadKeyboardLayoutA
CascadeChildWindows
SetScrollRange
DdeFreeDataHandle
SetDlgItemTextW
kernel32
OpenProcess
CancelDeviceWakeupRequest
BeginUpdateResourceA
CompareStringW
GetPrivateProfileStructW
GlobalUnlock
GetAtomNameW
GetDiskFreeSpaceA
GetProfileStringW
WriteProfileSectionA
SetComputerNameA
Heap32Next
SetConsoleScreenBufferSize
lstrcatA
FatalAppExitA
GetPriorityClass
SetupComm
GetThreadPriorityBoost
QueryDosDeviceW
EnumSystemCodePagesA
UpdateResourceA
SetHandleInformation
ReleaseSemaphore
GlobalFindAtomA
CreateFileW
CreateMutexA
GetComputerNameA
SetSystemTime
ResumeThread
GetThreadPriority
CreateWaitableTimerW
GetThreadLocale
GetCommState
GetUserDefaultLangID
WriteProfileSectionW
SetConsoleCursorPosition
lstrcmp
SetCommState
CommConfigDialogW
DosDateTimeToFileTime
GetDefaultCommConfigW
CopyFileA
QueryPerformanceCounter
GetLogicalDriveStringsA
SetDefaultCommConfigW
SetCalendarInfoA
WriteConsoleOutputA
EnumCalendarInfoA
EnumResourceTypesW
SetEndOfFile
LoadLibraryExA
CreateDirectoryA
WaitCommEvent
GetNumberFormatA
GetLargestConsoleWindowSize
ExpandEnvironmentStringsW
VirtualProtect
ExpandEnvironmentStringsA
UnhandledExceptionFilter
CreateFiber
ContinueDebugEvent
FindResourceExA
SetThreadLocale
OpenFile
VirtualAlloc
CreateProcessA
CreateThread
WideCharToMultiByte
ClearCommError
EnumResourceNamesW
GetTempPathW
EnumDateFormatsA
SetFileApisToOEM
GetLocaleInfoA
GetCPInfoExA
CreateTapePartition
WaitNamedPipeA
HeapCompact
GlobalDeleteAtom
LoadLibraryA
FindFirstChangeNotificationW
GetModuleFileNameW
OpenMutexA
LocalHandle
SetThreadExecutionState
GetPrivateProfileIntW
SetFileAttributesW
OpenWaitableTimerA
GetProfileSectionW
GetCommConfig
GetCPInfoExW
BuildCommDCBW
GetCommMask
FindAtomA
EnumSystemLocalesA
InitAtomTable
lstrlenW
GetShortPathNameW
GetTickCount
LoadModule
GetNumberFormatW
FatalAppExitW
GlobalMemoryStatus
GetCurrentDirectoryA
GetSystemTime
TerminateProcess
ReadConsoleInputA
LocalSize
HeapCreate
GetShortPathNameA
GetSystemDefaultLCID
EnumCalendarInfoExW
QueryPerformanceFrequency
UnlockFile
lstrlenA
DeleteFileW
Process32Next
ExitProcess
SetConsoleWindowInfo
FindNextFileW
SetFileAttributesA
DisconnectNamedPipe
LockFile
WriteProfileStringW
GetThreadContext
GetNamedPipeInfo
GetDiskFreeSpaceW
Sections
.text Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 213B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE