2677975f68b954dd99191298ae13defd0225fe4ed0de1cab13b9cada4e91734f

Sharing

Copy URL Twitter E-mail

General

Target

2677975f68b954dd99191298ae13defd0225fe4ed0de1cab13b9cada4e91734f
Size

725KB
MD5

966dd82115f640a91150687dc85edd0c
SHA1

cc5b0720837e815d9291dd9c98a1479aa8ea525c
SHA256

2677975f68b954dd99191298ae13defd0225fe4ed0de1cab13b9cada4e91734f
SHA512

96aee8cf67d97dd8cc75bc241feff0395922768bdcf1de8270aed16e3713afe1580590063bc5b4c25ba24c478e5aca787e44e31dcedd1e407a91afaa50207c37
SSDEEP

12288:rpl45+ovuGzTVCQNcl7VnHtOEaAcWy/+hiO3Cg82KYtMd1Rm1HXYxI7lL7MeIEdI:rX4AlNODSy/+Q6BMzRm1S2lL7diZ

Score

N/A

Malware Config

Signatures

Files

2677975f68b954dd99191298ae13defd0225fe4ed0de1cab13b9cada4e91734f
.exe windows x86

9a0141ead157a7c5eaa2a770356b1fec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wcsnicmp
memmove
_wcsicmp
memset
wcschr
_vsnwprintf
memcpy
_amsg_exit
_initterm
free
malloc
_XcptFilter
_CxxThrowException

kernel32

InterlockedDecrement
MultiByteToWideChar
LocalAlloc
LocalFree
FindClose
FindFirstFileW
lstrlenW
GetProcAddress
GetModuleHandleW
LCMapStringW
WritePrivateProfileStructW
GetPrivateProfileStructW
CloseHandle
CreateThread
GetModuleFileNameW
GetLastError
DeleteFileW
ExitThread
FreeLibraryAndExitThread
GlobalUnlock
GlobalLock
CreateEventW
SetEvent
MulDiv
DelayLoadFailureHook
FreeLibrary
InterlockedCompareExchange
LoadLibraryExA
InterlockedExchange
Sleep
OutputDebugStringA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentProcess
GlobalAlloc
GlobalSize
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
ExpandEnvironmentStringsA
DeactivateActCtx
ActivateActCtx
CreateActCtxW
ReleaseActCtx
LoadLibraryW
VirtualAlloc
GetVersion
AddAtomA

user32

CreateMenu
GetMenuItemID
TrackPopupMenu
MapWindowPoints
GetMenuDefaultItem
GetKeyState
GetCursor
RegisterClassW
GetMenuStringW
GetMessageW
GetActiveWindow
PostMessageW
IsWindowEnabled
GetWindow
MessageBoxW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
ShowWindow
GetFocus
GetAsyncKeyState
DrawMenuBar
GetWindowRect
IsChild
SetMenu
DestroyIcon
SetForegroundWindow
LoadImageW
GetMenuItemInfoW
GetDlgCtrlID
ChildWindowFromPoint
ScreenToClient
DrawEdge
DestroyWindow
SetActiveWindow
DispatchMessageW
TranslateMessage
GetDesktopWindow
SetDlgItemTextW
GetDlgItemTextW
MsgWaitForMultipleObjects
SetTimer
KillTimer
DrawFocusRect
DrawStateW
DrawFrameControl
InflateRect
GetWindowTextLengthW
GetDialogBaseUnits
SetWindowLongW
IsWindowVisible
UpdateWindow
SystemParametersInfoW
SetMenuDefaultItem
EnableMenuItem
SetWindowTextW
GetWindowLongW
SetWindowPos
LoadCursorW
SetCursor
IsWindow
BeginPaint
GetParent
SendMessageW
GetSysColor
GetWindowTextW
IsMenu
CheckMenuItem
CheckMenuRadioItem
CreatePopupMenu
EnableWindow
DestroyMenu
FillRect
PostThreadMessageW
CreateDialogParamW
CreateWindowExW
GetDC
ReleaseDC
EndDialog
SendDlgItemMessageW
IsDialogMessageW
SetFocus
GetClientRect
GetSystemMetrics
EndPaint
InvalidateRect
DefWindowProcW
LoadMenuW
GetSubMenu
GetMenuItemCount
DeleteMenu
LoadStringW
RegisterClipboardFormatW
DialogBoxParamW
SetMenuItemInfoW

gdi32

SetBkColor
SetTextColor
SelectObject
DeleteObject
ExtTextOutW
GetTextExtentPointW
CreateCompatibleDC
CreateFontIndirectW
PatBlt
GetLayout
DeleteDC
GetTextExtentPoint32W

advapi32

RegSetValueExW
RegCreateKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW

shlwapi

PathParseIconLocationW
StrCmpIW
StrCmpW
StrCmpNW

ole32

CoUninitialize
CoCreateInstance
CoInitialize
ReleaseStgMedium
CoTaskMemFree
CoTaskMemAlloc
CoGetMalloc
CoTaskMemRealloc
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream

winspool.drv

ClosePrinter
EnumFormsW
OpenPrinterW

ntdsapi

DsCrackNamesW
DsFreeNameResultW

uxtheme

DrawThemeParentBackground
OpenThemeData
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
GetThemeBackgroundContentRect
CloseThemeData
GetThemePartSize
DrawThemeText
EnableThemeDialogTexture

netapi32

NetApiBufferFree
DsGetDcNameW

clb

ClbStyleW
ClbSetColumnWidths
ClbWndProc
ClbAddData

riched20

RichEdit10ANSIWndProc
RichEditANSIWndProc
CreateTextServices
IID_IRichEditOle
IID_ITextHost2
IID_ITextHost

Sections

.text
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 513KB - Virtual size: 513KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a0141ead157a7c5eaa2a770356b1fec

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

shlwapi

ole32

winspool.drv

ntdsapi

uxtheme

netapi32

clb

riched20

Sections

.text Size: 194KB - Virtual size: 194KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 308KB

.rsrc Size: 513KB - Virtual size: 513KB

.text
Size: 194KB - Virtual size: 194KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 308KB

.rsrc
Size: 513KB - Virtual size: 513KB