- Static task: static1
- Behavioral task: behavioral1
  Sample: 2b2c8dcb05fc9a20b59cce471eaadabdba710cb733bf69b57cefa5d0c19b92c6.exe
  Resource: win7-20220812-en
- Behavioral task: behavioral2
  Sample: 2b2c8dcb05fc9a20b59cce471eaadabdba710cb733bf69b57cefa5d0c19b92c6.exe
  Resource: win10v2004-20220812-en
General
- Target: 2b2c8dcb05fc9a20b59cce471eaadabdba710cb733bf69b57cefa5d0c19b92c6
- Size: 86KB
- MD5: 4914b4347a102b6faf12ef82b95a86af
- SHA1: e024d4fa14abbc43524378970befeca4978dc854
- SHA256: 2b2c8dcb05fc9a20b59cce471eaadabdba710cb733bf69b57cefa5d0c19b92c6
- SHA512: af4164c72c7ca6a38e5af8116d2ec1b2d8cc005f2f172a2c9141f245aed56d5b2b78a7c66d22683a20e1d4af97dfd46af5e4162b75e6ace8fd2d7fbc12b80b8e
- SSDEEP: 1536:mjBWeg5ejGZon7AUCZXz+U2rVGZJ8mpUYRbSH4J2IQJw+0RXtUOpbI:mjBQSGZo7WbJ8NeYJaRd7I
Malware Config
Signatures
Files
- 2b2c8dcb05fc9a20b59cce471eaadabdba710cb733bf69b57cefa5d0c19b92c6.exe (windows x86)
  0a2369758326fd45b2f462d16b162818
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
GetHGlobalFromStream
OleSaveToStream
OpenOrCreateStream
OleSave
MonikerRelativePathTo
OleCreateFromFile
OleQueryCreateFromData
StgSetTimes
OleRegGetMiscStatus
CreateItemMoniker
GetDocumentBitStg
ReadStringStream
StgCreateDocfileOnILockBytes
CoGetCurrentLogicalThreadId
CoMarshalHresult
OleDoAutoConvert
CoQueryReleaseObject
OleRegGetUserType
RegisterDragDrop
CoGetInterfaceAndReleaseStream
CoUninitialize
CreateAntiMoniker
CoGetMalloc
ProgIDFromCLSID
OleIsCurrentClipboard
CoMarshalInterThreadInterfaceInStream
StgIsStorageFile
OleInitialize
CreateStreamOnHGlobal
OleCreateLink
CoIsOle1Class
OleCreateDefaultHandler
ReadFmtUserTypeStg
CoLoadLibrary
GetConvertStg
CoTaskMemAlloc
CreateObjrefMoniker
OleGetIconOfClass
OleBuildVersion
CoCreateInstance
GetHGlobalFromILockBytes
CoInitialize
OleCreateFromDataEx
OleUninitialize
UtGetDvtd32Info
CoRegisterClassObject
GetHookInterface
StgCreateDocfile
WriteOleStg
OleCreateMenuDescriptor
PropVariantClear
StringFromIID
OleMetafilePictFromIconAndLabel
OleQueryLinkFromData
CreatePointerMoniker
OleIsRunning
OleTranslateAccelerator
CoGetCallerTID
StgOpenAsyncDocfileOnIFillLockBytes
ReadClassStg
CreateDataCache
StgOpenStorageEx
OleConvertIStorageToOLESTREAMEx
OleNoteObjectVisible
OleCreateLinkFromData
StgOpenStorageOnILockBytes
ReadOleStg
UpdateDCOMSettings
PropVariantCopy
CoGetCurrentProcess
CoRegisterMallocSpy
CoCreateInstanceEx
GetClassFile
StgOpenStorage
CoTaskMemRealloc
CoMarshalInterface
OleRegEnumFormatEtc
CoGetStandardMarshal
CoSetProxyBlanket
CoRegisterSurrogate
WriteClassStg
CoInitializeEx
OleConvertIStorageToOLESTREAM
CoDisconnectObject
OleCreateLinkToFileEx
OleLockRunning
RevokeDragDrop
OleDraw
CoRegisterMessageFilter
OleConvertOLESTREAMToIStorageEx
CreateFileMoniker
CoAddRefServerProcess
GetRunningObjectTable
OleCreateStaticFromData
CoLockObjectExternal
OleDestroyMenuDescriptor
CreateOleAdviseHolder
CoUnmarshalInterface
CoResumeClassObjects
CoIsHandlerConnected
OleFlushClipboard
OleCreateEx
CoGetPSClsid
OleCreateFromData
CoReleaseServerProcess
StgCreateStorageEx
advapi32
GetSecurityDescriptorOwner
LogonUserW
GetServiceDisplayNameW
RegReplaceKeyW
RegQueryValueExW
RegisterEventSourceW
MakeSelfRelativeSD
CryptGetProvParam
AddAce
GetCurrentHwProfileA
DuplicateTokenEx
SetNamedSecurityInfoExW
GetEffectiveRightsFromAclA
CryptSetProviderA
SetAclInformation
GetSecurityDescriptorGroup
StartServiceCtrlDispatcherW
SetThreadToken
QueryServiceLockStatusW
GetServiceKeyNameW
GetKernelObjectSecurity
ObjectOpenAuditAlarmA
GetServiceKeyNameA
ReadEventLogA
CryptDecrypt
RegEnumKeyExW
OpenProcessToken
OpenThreadToken
SetSecurityInfoExW
RegQueryInfoKeyW
CryptEnumProvidersW
ReportEventA
ChangeServiceConfigA
LookupSecurityDescriptorPartsW
GetTrusteeNameW
GetCurrentHwProfileW
CryptAcquireContextA
GetUserNameW
SetSecurityDescriptorOwner
OpenSCManagerW
CryptVerifySignatureW
RegQueryInfoKeyA
QueryServiceLockStatusA
RegQueryMultipleValuesA
MapGenericMask
LockServiceDatabase
RegDeleteKeyA
RegisterServiceCtrlHandlerW
BuildImpersonateTrusteeA
RegOpenKeyA
OpenBackupEventLogA
IsValidSecurityDescriptor
LookupAccountNameW
LookupAccountSidA
CryptDestroyHash
CryptEnumProvidersA
IsValidAcl
QueryServiceObjectSecurity
SetKernelObjectSecurity
CryptHashSessionKey
RegCreateKeyExA
GetTrusteeTypeA
GetSecurityDescriptorLength
CryptDuplicateKey
GetSidSubAuthorityCount
PrivilegedServiceAuditAlarmA
RegRestoreKeyA
LogonUserA
GetNamedSecurityInfoW
SetEntriesInAclW
LookupAccountSidW
RegCloseKey
ObjectDeleteAuditAlarmA
GetServiceDisplayNameA
CreateServiceA
GetExplicitEntriesFromAclA
GetSidLengthRequired
RegUnLoadKeyW
OpenServiceW
ChangeServiceConfigW
GetUserNameA
IsTextUnicode
UnlockServiceDatabase
SetPrivateObjectSecurity
CryptHashData
CryptGenRandom
EnumDependentServicesA
ObjectCloseAuditAlarmW
SetEntriesInAuditListA
EqualPrefixSid
CryptGetDefaultProviderW
CryptSetProviderExA
AdjustTokenPrivileges
RegDeleteKeyW
SetEntriesInAuditListW
RegRestoreKeyW
SetEntriesInAclA
SetServiceObjectSecurity
TrusteeAccessToObjectW
RegNotifyChangeKeyValue
ObjectDeleteAuditAlarmW
RegCreateKeyExW
RegQueryValueA
CryptVerifySignatureA
ConvertAccessToSecurityDescriptorA
BuildTrusteeWithSidA
RegGetKeySecurity
CryptSetProviderW
CryptDeriveKey
user32
MapWindowPoints
CreateIconFromResourceEx
DdeSetUserHandle
EndTask
CreatePopupMenu
DeferWindowPos
DefDlgProcA
GetClipboardData
CreateWindowExA
SetDlgItemTextA
InSendMessage
SendIMEMessageExW
DestroyCaret
GetSystemMenu
OemToCharA
DrawFocusRect
MessageBeep
SendMessageTimeoutW
TileWindows
CopyAcceleratorTableW
SetPropA
TileChildWindows
EnumDisplaySettingsExA
EnumWindows
CreateIconFromResource
PaintDesktop
GetClassLongA
CharUpperBuffW
RegisterClipboardFormatA
DefMDIChildProcA
CharToOemBuffW
RegisterClassExW
SetCaretPos
VkKeyScanExW
SetMenu
GetWindowLongW
SystemParametersInfoW
LoadBitmapA
ChangeClipboardChain
EnumClipboardFormats
GetWindowWord
DrawEdge
CreateMDIWindowA
SetWindowTextW
CreateWindowStationA
CharToOemBuffA
EnumDisplaySettingsA
CharToOemW
IsWindowUnicode
KillTimer
DestroyWindow
MapDialogRect
GetCapture
RegisterWindowMessageA
TranslateAcceleratorW
EnableMenuItem
IsChild
FrameRect
RedrawWindow
GetCursor
SwitchDesktop
GetMonitorInfoW
OpenIcon
GetKeyboardLayoutList
GetUserObjectInformationA
SetShellWindow
GetMenuItemID
MonitorFromPoint
BeginDeferWindowPos
HiliteMenuItem
GetClassLongW
GetClassNameA
SetWindowsHookExA
GetPropW
DdeQueryNextServer
IsIconic
PostThreadMessageA
TrackPopupMenuEx
DrawTextExW
OemToCharBuffW
ExitWindowsEx
SetWindowsHookExW
CopyAcceleratorTableA
CharUpperBuffA
EditWndProc
GetWindowPlacement
SetLastErrorEx
SetWindowPos
CharUpperA
CloseWindowStation
EnumPropsExW
IsWindow
ToUnicode
GetCursorPos
FlashWindowEx
MessageBoxW
OpenWindowStationA
MonitorFromRect
IntersectRect
LookupIconIdFromDirectory
GetMessageW
CallNextHookEx
CharPrevW
ShowOwnedPopups
AppendMenuW
LoadAcceleratorsA
CharLowerBuffA
SetMenuItemInfoW
FindWindowExA
SetClipboardViewer
SetSysColors
AppendMenuA
GetKeyNameTextW
WINNLSEnableIME
DestroyIcon
CheckRadioButton
GetLastActivePopup
DdeSetQualityOfService
EnumDisplayDevicesW
DdeCmpStringHandles
ModifyMenuW
CharNextExA
MessageBoxIndirectW
WINNLSGetIMEHotkey
kernel32
LoadLibraryExW
GetTempFileNameW
GetProfileStringW
LocalHandle
GetCPInfo
GetLocaleInfoW
EnumSystemLocalesA
QueryDosDeviceW
GetVersion
SuspendThread
CreateFiber
GetPrivateProfileIntW
GetBinaryType
WriteConsoleOutputA
ScrollConsoleScreenBufferW
SetCommTimeouts
SetFileApisToOEM
GetUserDefaultLangID
FoldStringW
GetTapeStatus
GetLocalTime
GetCommTimeouts
FatalExit
SetProcessShutdownParameters
SetHandleCount
GetLogicalDriveStringsW
MoveFileA
lstrcatA
FileTimeToLocalFileTime
DisableThreadLibraryCalls
OpenMutexW
PulseEvent
LocalUnlock
SetThreadLocale
CreateIoCompletionPort
ReadProcessMemory
GetSystemDefaultLCID
DeviceIoControl
GlobalUnWire
GetProcessTimes
LCMapStringW
GetThreadSelectorEntry
Heap32First
GlobalCompact
SetThreadPriorityBoost
MoveFileExW
BuildCommDCBAndTimeoutsW
LocalCompact
UpdateResourceA
GetPrivateProfileSectionW
GetSystemDirectoryW
SetErrorMode
SetHandleInformation
FileTimeToDosDateTime
FatalAppExitW
GetThreadLocale
GetWindowsDirectoryA
CreateFileW
GlobalAddAtomA
GetConsoleOutputCP
SetSystemTimeAdjustment
GetCurrencyFormatA
EnumCalendarInfoA
SizeofResource
UnhandledExceptionFilter
LocalSize
GetTimeFormatA
SetMailslotInfo
LocalShrink
OpenFileMappingA
GlobalUnfix
GetSystemDefaultLangID
HeapUnlock
FatalAppExitA
ReadConsoleInputW
SetConsoleOutputCP
ConnectNamedPipe
EraseTape
SetSystemTime
FindFirstFileExW
EndUpdateResourceW
CommConfigDialogA
CompareFileTime
Sleep
lstrcpy
GetLogicalDrives
WaitNamedPipeA
IsBadReadPtr
CreateSemaphoreA
CreateDirectoryExA
SetConsoleTitleA
DefineDosDeviceW
OpenEventA
GetQueuedCompletionStatus
GetFullPathNameW
GetSystemPowerStatus
SetWaitableTimer
GetDateFormatA
GetUserDefaultLCID
GlobalMemoryStatus
SetLocalTime
VirtualAllocEx
VirtualProtect
ConvertDefaultLocale
EnumResourceLanguagesA
FindAtomA
GetDriveTypeW
GetSystemTimeAsFileTime
lstrcpyn
SetFileAttributesW
ResetWriteWatch
EnumTimeFormatsW
EnumCalendarInfoW
GetStartupInfoW
WriteProfileStringW
WriteProfileSectionW
SetTimeZoneInformation
GetWindowsDirectoryW
GetConsoleCursorInfo
GetStdHandle
GetEnvironmentStrings
WriteProcessMemory
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
LocalFree
SetConsoleScreenBufferSize
GetSystemTimeAdjustment
GetLastError
WideCharToMultiByte
FindAtomW
WaitForMultipleObjectsEx
SwitchToThread
EndUpdateResourceA
SetComputerNameA
GetFileInformationByHandle
SetEnvironmentVariableW
ConvertThreadToFiber
WriteConsoleOutputCharacterA
VirtualAlloc
shlwapi
PathIsNetworkPathA
PathRemoveBlanksA
PathRenameExtensionW
SHEnumKeyExA
SHQueryInfoKeyW
StrCpyW
PathCompactPathA
StrRetToStrA
PathRelativePathToW
StrRChrIW
SHCopyKeyA
PathSetDlgItemPathA
PathBuildRootA
PathIsURLA
SHRegCloseUSKey
StrCSpnIA
StrTrimW
SHRegCreateUSKeyA
SHQueryValueExW
PathFindSuffixArrayW
StrChrW
wvnsprintfW
PathStripPathW
SHDeleteEmptyKeyA
StrSpnW
SHGetValueA
wnsprintfA
PathFindExtensionA
ColorRGBToHLS
UrlGetLocationW
SHRegGetUSValueW
SHDeleteEmptyKeyW
SHSetValueW
AssocQueryKeyW
StrCmpW
PathIsRootA
StrChrIA
PathRemoveExtensionW
StrFormatKBSizeW
HashData
UrlCompareA
StrRStrIA
StrCatW
UrlCreateFromPathA
PathFindNextComponentA
PathCanonicalizeW
PathUndecorateW
StrFromTimeIntervalA
PathIsUNCServerW
PathAppendW
UrlGetPartA
SHRegCreateUSKeyW
PathCreateFromUrlA
PathIsDirectoryW
PathAppendA
SHRegEnumUSValueW
PathUndecorateA
SHRegGetUSValueA
StrCSpnA
PathIsUNCServerA
SHRegDeleteEmptyUSKeyW
ChrCmpIA
StrFromTimeIntervalW
SHDeleteValueA
PathRenameExtensionA
StrToIntExW
ChrCmpIW
PathSearchAndQualifyW
StrRetToBufA
PathCompactPathExA
StrCmpNIW
StrNCatA
SHEnumValueW
PathFindSuffixArrayA
PathAddExtensionA
PathIsUNCA
PathIsURLW
SHRegDeleteUSValueW
AssocQueryStringByKeyW
SHOpenRegStreamW
SHRegOpenUSKeyA
SHRegDeleteUSValueA
StrToIntW
wnsprintfW
PathGetCharTypeW
SHAutoComplete
ColorAdjustLuma
SHRegSetUSValueA
PathFindOnPathW
UrlEscapeA
PathIsContentTypeA
SHRegEnumUSValueA
StrFormatByteSize64A
SHIsLowMemoryMachine
PathMakeSystemFolderW
SHGetThreadRef
UrlUnescapeA
ColorHLSToRGB
PathRemoveExtensionA
PathIsDirectoryEmptyW
PathFindFileNameA
SHStrDupA
PathIsPrefixA
UrlApplySchemeA
wvnsprintfA
UrlEscapeW
PathUnquoteSpacesW
PathCombineA
PathCommonPrefixA
PathFileExistsW
SHStrDupW
StrCatBuffW
SHRegWriteUSValueA
StrCatBuffA
StrFormatKBSizeA
StrRChrW
PathRemoveFileSpecA
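The import table above is unusually large for an 86KB image: close to 600 named imports from five DLLs, many of them with no plausible use in a small program (GetTapeStatus, EraseTape, PaintDesktop, SwitchDesktop), mixed with a handful that matter for triage (VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, VirtualProtect, SetWindowsHookExA/W, OpenProcessToken, AdjustTokenPrivileges, CreateServiceA, CryptDecrypt, CryptDeriveKey). The script below is an added example, not part of the Triage report and not the sample's code, showing how an analyst would work through such a list: it computes the pefile-style imphash over (dll, function) pairs, clusters imports into capability groups, and measures import density. SAMPLE_IMPORTS is a hand-picked subset of the report's imports, constructed inline so the script runs offline; the capability clusters and the imports-per-KB cut-off are this example's own heuristics, not a published standard.

```python
"""Import-table triage: pefile-style imphash, capability clustering, density.

Added example for this report (not Triage's code and not the sample's code).
SAMPLE_IMPORTS is a hand-picked subset of the report's import list, constructed
inline so the script runs offline; a real run would read the pairs from the PE
import directory. The capability clusters and the density threshold are this
example's own heuristics, not any published standard.
"""
import hashlib
from collections import defaultdict

# Constructed sample: (dll, function) pairs copied from the report above.
SAMPLE_IMPORTS = [
    ("kernel32.dll", "VirtualAllocEx"),
    ("kernel32.dll", "WriteProcessMemory"),
    ("kernel32.dll", "ReadProcessMemory"),
    ("kernel32.dll", "VirtualProtect"),
    ("kernel32.dll", "GetTapeStatus"),      # oddities that suggest padding
    ("kernel32.dll", "EraseTape"),
    ("user32.dll", "SetWindowsHookExA"),
    ("user32.dll", "SetWindowsHookExW"),
    ("user32.dll", "CallNextHookEx"),
    ("user32.dll", "PaintDesktop"),
    ("advapi32.dll", "OpenProcessToken"),
    ("advapi32.dll", "AdjustTokenPrivileges"),
    ("advapi32.dll", "CreateServiceA"),
    ("advapi32.dll", "CryptDecrypt"),
    ("advapi32.dll", "CryptDeriveKey"),
    ("advapi32.dll", "LogonUserW"),
    ("ole32.dll", "CoCreateInstance"),
    ("shlwapi.dll", "PathFileExistsW"),
]

# Heuristic clusters (this example's own grouping).
CAPABILITIES = {
    "process-injection": {"VirtualAllocEx", "WriteProcessMemory",
                          "CreateRemoteThread", "NtWriteVirtualMemory"},
    "memory-tampering": {"VirtualProtect", "ReadProcessMemory"},
    "hooking": {"SetWindowsHookExA", "SetWindowsHookExW", "CallNextHookEx"},
    "token-and-privilege": {"OpenProcessToken", "AdjustTokenPrivileges",
                            "LogonUserA", "LogonUserW", "DuplicateTokenEx"},
    "service-persistence": {"CreateServiceA", "CreateServiceW",
                            "ChangeServiceConfigA", "ChangeServiceConfigW"},
    "crypto": {"CryptDecrypt", "CryptDeriveKey", "CryptHashData",
               "CryptGenRandom", "CryptAcquireContextA"},
}


def imphash(imports):
    """Compute the imphash the way pefile does: module name lowercased with a
    trailing .dll/.ocx/.sys removed, joined to the lowercased function name as
    'module.func', all entries comma-joined in import order, then MD5.
    Ordinal-only imports (an int instead of a name) are written as 'ordN';
    pefile additionally maps known ordinals to names for a few modules,
    which this example leaves out."""
    parts = []
    for dll, func in imports:
        mod = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if mod.endswith(ext):
                mod = mod[:-len(ext)]
                break
        name = func if isinstance(func, str) else "ord%d" % func
        parts.append("%s.%s" % (mod, name.lower()))
    return hashlib.md5(",".join(parts).encode("ascii")).hexdigest()


def capability_hits(imports):
    """Map each capability cluster to the imported APIs that fall into it."""
    names = {f for _, f in imports if isinstance(f, str)}
    return {cap: apis & names for cap, apis in CAPABILITIES.items() if apis & names}


def imports_per_dll(imports):
    """Count named imports per module (case-insensitive)."""
    counts = defaultdict(int)
    for dll, _ in imports:
        counts[dll.lower()] += 1
    return dict(counts)


def import_density(n_imports, size_bytes):
    """Named imports per KB of file. The 4.0 cut-off is this example's own
    rule of thumb for 'far more imports than a program this small would use',
    which is what an import table padded to look unusual (or to skew the
    imphash) tends to produce. Returns (imports_per_kb, looks_padded)."""
    per_kb = n_imports / (size_bytes / 1024.0)
    return per_kb, per_kb > 4.0


if __name__ == "__main__":
    print("imphash of sample subset:", imphash(SAMPLE_IMPORTS))
    for cap, apis in capability_hits(SAMPLE_IMPORTS).items():
        print("%-22s %s" % (cap, ", ".join(sorted(apis))))
    # The report lists close to 600 named imports for an 86 KB file.
    per_kb, padded = import_density(595, 86 * 1024)
    print("imports/KB: %.1f  padded-looking: %s" % (per_kb, padded))
```

Two points the output makes that the raw list does not: the imphash changes with import order and case-insensitively ignores module extensions, so it is a build-toolchain fingerprint rather than a content hash and is trivially perturbed by padding; and the capability clusters isolate the dozen APIs worth following in the behavioral tasks (injection, hooking, token and service manipulation, CryptoAPI) from the hundreds of decoys around them.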
Sections
.text Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
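The Headers and Sections blocks above carry the mitigation story for this binary: IMAGE_DLLCHARACTERISTICS_NX_COMPAT is set but IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is not, and IMAGE_FILE_RELOCS_STRIPPED means the loader could not rebase the image even if it wanted to, so every address in .text and .rdata is fixed across runs and machines. No section is both writable and executable. The script below is an added example, not part of the Triage report and not the sample's code: it rebuilds the flag words from the names the report prints, decodes them, and states what they mean for exploitation. The bit values are the IMAGE_DLLCHARACTERISTICS_*, IMAGE_FILE_* and IMAGE_SCN_* constants from winnt.h; the section table is transcribed from the report; the raw-versus-virtual size cut-off is this example's own heuristic.

```python
"""Decode the PE flags from the report's Headers and Sections blocks and
check the exploit mitigations they imply.

Added example for this report (not Triage's code and not the sample's code).
Bit values are the winnt.h constants; the numeric header values are rebuilt
from the flag names the report shows, not read from the binary. The section
raw/virtual ratio cut-off is this example's own heuristic.
"""

DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0200: "IMAGE_DLLCHARACTERISTICS_NO_ISOLATION",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x0800: "IMAGE_DLLCHARACTERISTICS_NO_BIND",
    0x1000: "IMAGE_DLLCHARACTERISTICS_APPCONTAINER",
    0x2000: "IMAGE_DLLCHARACTERISTICS_WDM_DRIVER",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x0200: "IMAGE_FILE_DEBUG_STRIPPED",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}

# Transcribed from the report's Sections block: (name, raw, virtual, flags).
REPORT_SECTIONS = [
    (".text", 68 * 1024, 67 * 1024, 0x20 | 0x20000000 | 0x40000000),
    (".rdata", 17 * 1024, 16 * 1024, 0x40 | 0x40000000),
    (".data", 512, 4 * 1024, 0x40 | 0x40000000 | 0x80000000),
]


def encode(names, table):
    """Rebuild a flag word from the names a report prints."""
    by_name = {name: bit for bit, name in table.items()}
    value = 0
    for n in names:
        value |= by_name[n]
    return value


def decode(value, table):
    """Flag names set in value, ordered by bit position."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def mitigations(dll_chars, file_chars):
    """What the Windows loader will and will not do for this image."""
    out = {"DEP/NX": "enabled" if dll_chars & 0x0100 else "disabled"}
    if dll_chars & 0x0040:
        out["ASLR"] = "enabled"
    elif file_chars & 0x0001:
        # No DYNAMIC_BASE and no relocation data: the image maps at its
        # preferred base every time, so gadget and data addresses inside
        # it are stable across runs and hosts.
        out["ASLR"] = "disabled (DYNAMIC_BASE clear, relocations stripped)"
    else:
        out["ASLR"] = "disabled (DYNAMIC_BASE clear)"
    out["CFG"] = "enabled" if dll_chars & 0x4000 else "disabled"
    out["image kind"] = "DLL" if file_chars & 0x2000 else "EXE"
    out["word size"] = "32-bit" if file_chars & 0x0100 else "not flagged 32-bit"
    return out


def section_findings(sections):
    """Section properties that matter for exploitation or packing:
    - writable and executable at once defeats NX inside that section;
    - a code section whose raw size is well under its virtual size is usually
      filled at runtime (packer or loader stub); 1/4 is this example's cut-off.
    A small .data with a larger virtual size is normal (zero-filled tail)."""
    findings = []
    for name, raw, virt, flags in sections:
        if flags & 0x80000000 and flags & 0x20000000:
            findings.append("%s: writable and executable" % name)
        if flags & 0x20 and virt and raw < virt / 4:
            findings.append("%s: code section mostly unbacked on disk "
                            "(raw %d < virtual %d)" % (name, raw, virt))
    return findings


if __name__ == "__main__":
    dll_chars = encode(["IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                        "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"],
                       DLL_CHARACTERISTICS)
    file_chars = encode(["IMAGE_FILE_RELOCS_STRIPPED",
                         "IMAGE_FILE_EXECUTABLE_IMAGE",
                         "IMAGE_FILE_32BIT_MACHINE"], FILE_CHARACTERISTICS)
    print("DllCharacteristics = 0x%04x %s" % (dll_chars, decode(dll_chars, DLL_CHARACTERISTICS)))
    print("Characteristics    = 0x%04x %s" % (file_chars, decode(file_chars, FILE_CHARACTERISTICS)))
    for k, v in mitigations(dll_chars, file_chars).items():
        print("  %-10s %s" % (k, v))
    for name, raw, virt, flags in REPORT_SECTIONS:
        print("%-7s raw=%-6d virt=%-6d %s" % (name, raw, virt, decode(flags, SECTION_FLAGS)))
    print("section findings:", section_findings(REPORT_SECTIONS) or "none")
```

For the values in this report the script yields DllCharacteristics 0x8100 and Characteristics 0x0103: NX on, ASLR off with relocations stripped, no CFG, a 32-bit EXE, and no writable-and-executable or mostly-unbacked section, which fits a conventionally linked, unpacked image whose only notable trait is the oversized import table.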