Static task: static1
Behavioral task: behavioral1
Sample: 12510e6769c8b9eb5abe663f51e4ad5c4468d40f9723689c5201b619ad5b7c34.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 12510e6769c8b9eb5abe663f51e4ad5c4468d40f9723689c5201b619ad5b7c34.exe
Resource: win10v2004-20220812-en
General
- Target: 12510e6769c8b9eb5abe663f51e4ad5c4468d40f9723689c5201b619ad5b7c34
- Size: 3.2MB
- MD5: 10b3cf0a50a0afd766fc19d2e142e44b
- SHA1: 9ae969338dc119ee01973774295ce15c531eeb4b
- SHA256: 12510e6769c8b9eb5abe663f51e4ad5c4468d40f9723689c5201b619ad5b7c34
- SHA512: 821cbe9b8d346eb86f5ac9fe9a0d30980b3e86984cf31f96318bf6f3d3e89a84a29a3f28cca7134240c253ca4fba049c76dc2201bc1b58e5ac2e86b2006ddab2
- SSDEEP: 49152:v8EFh274lhE5Ce3g2yUnGdcw0EPohJWukjHljlkVcZQ7QU:jW743E5j3gPew0EQh6HfkVcZLU
Malware Config
Signatures
Files
- 12510e6769c8b9eb5abe663f51e4ad5c4468d40f9723689c5201b619ad5b7c34.exe windows x86
  4eba949de338f45341b59617edb819cf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTempPathA
FindFirstFileW
FindNextFileW
CopyFileA
AreFileApisANSI
FlushFileBuffers
QueryPerformanceCounter
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GetFileSize
LockFileEx
CreateFileMappingA
UnlockFile
HeapCompact
GetSystemInfo
DeleteFileA
GetVersionExA
WaitForSingleObjectEx
LoadLibraryA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
HeapValidate
GetFileAttributesW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
GetFullPathNameW
HeapCreate
ReadFile
TryEnterCriticalSection
CreateProcessW
RemoveDirectoryW
SetFileAttributesW
GetCurrentThread
VirtualProtect
SetUnhandledExceptionFilter
lstrcmpiW
LoadLibraryExW
SetCurrentDirectoryW
IsBadReadPtr
GetShortPathNameW
GetProcessId
lstrcpynW
lstrlenW
OpenFileMappingW
GetStartupInfoW
GetTempFileNameW
MoveFileW
MoveFileExW
WriteFile
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetModuleFileNameW
CreateMutexW
Sleep
GetLastError
GetCurrentProcessId
OpenProcess
GetLongPathNameW
LocalFree
DecodePointer
WritePrivateProfileStringW
GetLocalTime
ResetEvent
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
RaiseException
GetSystemDirectoryW
SetStdHandle
SetConsoleCtrlHandler
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
GetStdHandle
GetModuleFileNameA
ExitProcess
FindClose
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetFileType
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
RtlUnwind
DosDateTimeToFileTime
FileTimeToDosDateTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileTime
GetFileTime
ResumeThread
SuspendThread
SetThreadContext
GetThreadContext
VirtualQuery
GetSystemWindowsDirectoryW
FreeResource
lstrcmpiA
lstrcmpA
DeviceIoControl
TerminateProcess
UnhandledExceptionFilter
GetPrivateProfileIntW
GetFileSizeEx
GlobalFree
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
GetStringTypeW
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
IsDebuggerPresent
GetPrivateProfileStringW
GetCommandLineW
GetModuleHandleW
LoadLibraryW
GetCurrentProcess
GetProcAddress
FreeLibrary
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedDecrement
InterlockedIncrement
lstrcmpW
CreateEventW
WaitForMultipleObjects
WaitForSingleObject
SetEvent
InterlockedCompareExchange
InterlockedExchange
GetTickCount
GetFileAttributesExW
CreateFileW
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
CloseHandle
SetFilePointer
WideCharToMultiByte
MultiByteToWideChar
GetVersionExW
DeleteCriticalSection
LockResource
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FindResourceExW
FindResourceW
SizeofResource
LoadResource
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DeleteFileW
lstrcpyW
GetTimeZoneInformation
GetLongPathNameA
InitializeCriticalSectionAndSpinCount
CreateThread
SetLastError
WriteConsoleW
GetCurrentThreadId
FindFirstFileExA
GetTempPathW
user32
GetAsyncKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
UnregisterClassA
DrawFocusRect
DestroyCursor
EqualRect
UnionRect
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
GetClientRect
UpdateLayeredWindow
ShowWindow
DestroyWindow
IsWindow
CreateWindowExW
CallWindowProcW
DefWindowProcW
GetWindowRect
SetCursor
GetCursorPos
SetWindowPos
PostMessageW
SendMessageW
IsWindowVisible
ScreenToClient
PtInRect
GetWindowLongW
SetWindowLongW
GetAncestor
GetWindowInfo
MonitorFromPoint
GetTopWindow
GetShellWindow
WindowFromPoint
AttachThreadInput
DrawTextW
CreateDialogParamW
GetMonitorInfoW
MonitorFromWindow
MapWindowPoints
SetForegroundWindow
EndDialog
FindWindowW
DispatchMessageW
TranslateMessage
SystemParametersInfoW
LoadImageW
IsWindowEnabled
EnableWindow
DialogBoxParamW
PostQuitMessage
OffsetRect
CopyRect
GetForegroundWindow
GetParent
GetSystemMetrics
GetWindow
GetClassNameW
GetDesktopWindow
FillRect
GetSysColor
ClientToScreen
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RedrawWindow
InvalidateRgn
DestroyAcceleratorTable
CreateAcceleratorTableW
GetFocus
SetFocus
CharNextW
GetDlgItem
MoveWindow
IsChild
RegisterWindowMessageW
PostThreadMessageW
PeekMessageW
GetMessageW
GetClassInfoExW
RegisterClassExW
UnregisterClassW
GetWindowThreadProcessId
FindWindowExW
SendMessageTimeoutW
wsprintfW
LoadCursorW
gdi32
RectVisible
GetTextMetricsW
SetTextColor
SetBkMode
GetStockObject
GetDeviceCaps
CreateSolidBrush
ExtTextOutW
GetObjectW
CreateDIBSection
SetBkColor
SelectObject
SelectClipRgn
SaveDC
RestoreDC
DeleteObject
DeleteDC
CreateRectRgnIndirect
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
EnumFontFamiliesW
SetViewportOrgEx
CreateFontW
OffsetViewportOrgEx
advapi32
RegDeleteValueW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
CloseServiceHandle
CheckTokenMembership
FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenThreadToken
OpenProcessToken
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptSetKeyParam
CryptGenRandom
CryptImportKey
CryptEncrypt
CryptDecrypt
CryptContextAddRef
RegEnumKeyExA
RegEnumValueW
shell32
SHChangeNotify
ShellExecuteExW
ShellExecuteW
CommandLineToArgvW
SHGetSpecialFolderPathW
ord165
ole32
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
OleUninitialize
OleLockRunning
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoTaskMemRealloc
OleRun
CoUninitialize
CoInitialize
CoCreateGuid
CoCreateInstance
CreateStreamOnHGlobal
CoGetClassObject
oleaut32
VarUI4FromStr
OleCreateFontIndirect
DispCallFunc
LoadRegTypeLi
LoadTypeLi
VariantClear
CreateErrorInfo
SetErrorInfo
SysStringLen
GetErrorInfo
VariantChangeType
VariantInit
SysFreeString
SysAllocString
SysAllocStringLen
shlwapi
PathFileExistsW
PathIsPrefixW
PathRemoveFileSpecW
StrStrIW
SHGetValueW
PathAppendW
SHSetValueW
PathFindExtensionW
SHDeleteValueW
PathFileExistsA
AssocQueryStringW
PathRenameExtensionW
StrCmpIW
wnsprintfW
PathIsDirectoryW
PathRelativePathToW
SHDeleteKeyW
StrToIntExW
SHGetValueA
SHSetValueA
PathCombineW
StrCmpNIW
StrTrimA
StrStrIA
PathFindFileNameW
comctl32
_TrackMouseEvent
InitCommonControlsEx
gdiplus
GdipSetStringFormatLineAlign
GdipSetStringFormatFlags
GdipBitmapGetPixel
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDeleteStringFormat
GdipCreateStringFormat
GdipMeasureString
GdipSetStringFormatTrimming
GdipDrawString
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipSetStringFormatAlign
GdipDrawImagePointRectI
GdipFillRectangleI
GdipDrawRectangleI
GdipSetTextRenderingHint
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipDeletePen
GdipCreatePen1
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
psapi
GetModuleFileNameExW
setupapi
SetupIterateCabinetW
crypt32
CertGetNameStringW
CryptUnprotectData
wininet
InternetSetCookieExA
InternetGetConnectedState
imm32
ImmAssociateContext
iphlpapi
GetAdaptersInfo
wintrust
WTHelperProvDataFromStateData
WinVerifyTrust
urlmon
URLDownloadToCacheFileW
URLDownloadToFileW
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 320KB - Virtual size: 320KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ