Static task
static1
Behavioral task
behavioral1
Sample
c749e7d48c99de4007cf391f7e87aee06bc0cedfc13685903fc9957281c29a55.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c749e7d48c99de4007cf391f7e87aee06bc0cedfc13685903fc9957281c29a55.exe
Resource
win10v2004-20220901-en
General
Target
c749e7d48c99de4007cf391f7e87aee06bc0cedfc13685903fc9957281c29a55
Size
2.5MB
MD5
c42eb0041f35a4d7a0cf1716f212a0b4
SHA1
f3ea870bfaebcc000b56f404fbcdb6d525e8bac5
SHA256
c749e7d48c99de4007cf391f7e87aee06bc0cedfc13685903fc9957281c29a55
SHA512
9a26a295530a4d5dec97817dcd8d5beb8342c74c8119cf18a491ee17fbf424f55e8a552fd46a77e4657e6ec183b0605eb9d47e2aea6753916a398f5124d5489c
SSDEEP
49152:jk9y7hD4qifSC6BwKoE0fdBhogECd7/9WadBJjw:jF7hDBifSC2wVE0fdBhogEA93dBJ
Malware Config
Signatures
Files
c749e7d48c99de4007cf391f7e87aee06bc0cedfc13685903fc9957281c29a55.exe windows x86
58eae921dc141dd7a7c6ef1408422ef7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
GetStartupInfoA
RtlUnwind
ExitThread
CreateThread
RaiseException
VirtualProtect
VirtualAlloc
VirtualQuery
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
GetStdHandle
FatalAppExitA
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapCreate
HeapDestroy
VirtualFree
HeapAlloc
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTimeZoneInformation
GetDriveTypeA
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetCurrentDirectoryA
CompareStringW
SetEnvironmentVariableA
ExitProcess
HeapFree
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
GetOEMCP
GetCPInfo
SystemTimeToFileTime
GetAtomNameA
GetModuleHandleW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
GetCurrentDirectoryA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
FindFirstFileA
FindNextFileA
FindClose
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
GlobalSize
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetCurrentProcessId
SetLastError
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
DeviceIoControl
GetLastError
CreateFileA
FreeResource
GlobalUnlock
GlobalLock
Sleep
CopyFileA
GlobalFree
GlobalAlloc
GetModuleFileNameA
GetCurrentProcess
CreateProcessA
lstrlenA
CreateDirectoryA
GetVersionExA
GetSystemInfo
GetModuleHandleA
GetProcAddress
TerminateProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
CloseHandle
OpenProcess
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetConsoleCP
MultiByteToWideChar
InterlockedCompareExchange
user32
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
OffsetRect
IntersectRect
GetWindowPlacement
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
FillRect
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetSysColor
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
CopyRect
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
UnhookWindowsHookEx
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
ShowOwnedPopups
SetCursor
GetScrollRange
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
DeferWindowPos
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
SetScrollRange
LockWindowUpdate
GetDCEx
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
PostQuitMessage
PostMessageA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IsWindow
GetWindowRect
GetParent
EqualRect
EnableWindow
KillTimer
InvalidateRect
SetTimer
PtInRect
DrawIcon
GetSystemMetrics
IsIconic
PostThreadMessageA
UnionRect
SetParent
MapVirtualKeyA
GetKeyNameTextA
RegisterClipboardFormatA
TrackPopupMenu
UnpackDDElParam
ReuseDDElParam
LoadMenuA
GetMenuBarInfo
GetClientRect
SendMessageA
AppendMenuA
AdjustWindowRectEx
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
UpdateWindow
ShowScrollBar
GetKeyState
SetForegroundWindow
LoadIconA
GetSystemMenu
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
SetRectEmpty
SetMenu
DestroyIcon
GetSysColorBrush
GetDialogBaseUnits
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
DeleteMenu
WaitMessage
ReleaseCapture
LoadCursorA
SetCapture
WindowFromPoint
CharUpperA
RegisterWindowMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
SetWindowsHookExA
UnregisterClassA
gdi32
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
ExcludeClipRect
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetTextMetricsA
GetCharWidthA
CreateFontA
StretchDIBits
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
SetMapMode
GetClipBox
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
PolyDraw
CreateCompatibleDC
CreateCompatibleBitmap
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
ControlService
RegQueryValueExA
RegCreateKeyA
RegSetValueA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
OpenSCManagerA
StartServiceA
CreateServiceA
DeleteService
CloseServiceHandle
OpenServiceA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
shell32
ShellExecuteA
SHBrowseForFolderA
ExtractIconA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
DragFinish
DragQueryFileA
SHGetSpecialFolderPathA
SHGetFileInfoA
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathIsUNCA
PathStripToRootA
UrlUnescapeA
PathFindFileNameA
PathRemoveExtensionA
PathFindExtensionA
PathFileExistsA
PathRemoveFileSpecW
oledlg
ord8
ole32
OleDuplicateData
CoRegisterMessageFilter
CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StringFromGUID2
CoDisconnectObject
OleRun
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoInitializeEx
CoRegisterClassObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
oleaut32
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysFreeString
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
urlmon
URLDownloadToFileA
gdiplus
GdipGetImageWidth
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipCreateSolidFill
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCloneBrush
GdipDrawString
GdipDisposeImage
GdipCloneImage
GdipReleaseDC
GdipGetImageHeight
GdipLoadImageFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCloneBitmapAreaI
GdipDrawImageRectI
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipDrawImageRectRect
GdiplusStartup
GdipDrawImagePointRectI
GdipDeleteGraphics
GdipLoadImageFromStream
GdipCreateFromHDC
GdiplusShutdown
wininet
InternetCrackUrlA
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
HttpOpenRequestA
GopherOpenFileA
InternetConnectA
FtpFindFirstFileA
GopherCreateLocatorA
FtpCommandA
FtpOpenFileA
GopherGetAttributeA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetFindNextFileA
HttpQueryInfoA
HttpAddRequestHeadersA
InternetErrorDlg
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetQueryDataAvailable
InternetGetCookieA
InternetSetCookieA
InternetSetOptionExA
InternetQueryOptionA
InternetOpenA
InternetCanonicalizeUrlA
iphlpapi
GetAdaptersInfo
psapi
EnumProcessModules
EnumProcesses
GetModuleBaseNameA
Sections
.text Size: 694KB - Virtual size: 693KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ