befa7b4e2b905a9459464b9d5adf208270bfb767a16d5eb6670578ffb84f87ec

Sharing

Copy URL Twitter E-mail

General

Target

befa7b4e2b905a9459464b9d5adf208270bfb767a16d5eb6670578ffb84f87ec
Size

923KB
MD5

0006b93ca34ec521bf73fd29aacae900
SHA1

a4a754ec1769a7a71a64dd7f960d310559ef3865
SHA256

befa7b4e2b905a9459464b9d5adf208270bfb767a16d5eb6670578ffb84f87ec
SHA512

4b3e31e9dffe18495169aae814ce5026808fa11e6df767910aa23b0d3003bf22a4b5787d6bf93149cdcf08fb3081d34503790b6bc375b7af340795618b6cf016
SSDEEP

24576:XAztMDLUtCBYKvMGi2keICwjE/z1fxXnEpGq6sncaE8fv7y9VS:NOUZ1f18Asni8fo8

Score

N/A

Malware Config

Signatures

Files

befa7b4e2b905a9459464b9d5adf208270bfb767a16d5eb6670578ffb84f87ec
.exe windows x86

f437f5b983c99e90d7a4a17b994ef32a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
InitializeCriticalSectionAndSpinCount
ReadFile
lstrcpyW
OutputDebugStringW
GetTempPathW
lstrcmpW
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FlushInstructionCache
SetLastError
RaiseException
GetModuleFileNameW
GetCurrentThreadId
OpenMutexW
CreateMutexW
CreateEventW
InitializeCriticalSection
SetEvent
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
VirtualFree
GetPrivateProfileStringW
LoadLibraryW
SetEndOfFile
SetStdHandle
WriteConsoleW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
SetFilePointer
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetVersionExW
LocalFree
GetModuleHandleW
MoveFileExW
CreateFileW
HeapFree
GetProcessHeap
HeapAlloc
FindClose
DeleteFileW
SetFileAttributesW
FindNextFileW
lstrcmpiW
RemoveDirectoryW
FindFirstFileW
lstrcatW
lstrlenW
GetFileAttributesW
TerminateProcess
OpenProcess
Process32NextW
FindResourceExW
Process32FirstW
CreateToolhelp32Snapshot
SystemTimeToFileTime
GetLocalTime
WideCharToMultiByte
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryExW
WriteFile
LockResource
LoadResource
SizeofResource
FindResourceW
CloseHandle
WaitForSingleObject
CreateProcessW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapCreate
GetStdHandle
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
LCMapStringW
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineW
CreateThread
ExitThread
InterlockedIncrement
lstrcmpiA
GetTickCount
GetFileSize
GlobalReAlloc
MultiByteToWideChar
GetLastError
HeapDestroy
HeapReAlloc
DecodePointer
EncodePointer
HeapSize
Sleep
InterlockedPopEntrySList
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
InterlockedDecrement

user32

SetCapture
MoveWindow
ScreenToClient
GetParent
ClientToScreen
CreateAcceleratorTableW
DestroyWindow
CreateWindowExW
GetClassInfoExW
RedrawWindow
SetWindowPos
CharNextW
UnregisterClassA
IsWindowEnabled
TrackMouseEvent
EnableWindow
SetWindowRgn
PostQuitMessage
EndDialog
DrawIconEx
ReleaseCapture
MapWindowPoints
GetClientRect
IsDialogMessageW
SetCursor
SetMenuItemInfoW
RemoveMenu
GetMenuState
SetMenuInfo
GetMenuInfo
GetClassNameA
CallNextHookEx
InvalidateRgn
CallWindowProcW
InvalidateRect
GetDC
ReleaseDC
GetDesktopWindow
DestroyAcceleratorTable
GetWindowLongW
SetWindowLongW
GetCursorPos
SetWindowsHookExW
GetWindowThreadProcessId
FillRect
SetPropA
SetClassLongW
GetClassLongW
UnhookWindowsHookEx
GetMenuItemInfoW
InflateRect
SetWindowTextA
FindWindowA
GetWindowDC
GetMenuItemCount
GetSystemMetrics
SystemParametersInfoW
GetMonitorInfoW
LoadCursorW
RegisterClassExW
DefWindowProcW
MessageBoxW
SetForegroundWindow
IsIconic
KillTimer
SetTimer
UnregisterHotKey
RegisterHotKey
LoadIconW
IsZoomed
GetWindowRect
wsprintfW
PostMessageW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
BeginPaint
EndPaint
IsChild
GetFocus
SetFocus
GetWindow
GetDlgItem
SendMessageW
IsWindow
GetClassNameW
GetSysColor
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
PtInRect
IsRectEmpty
SetParent
IsWindowVisible
ShowWindow
OffsetRect
DrawTextW
CopyRect
EqualRect
SetRect
SetRectEmpty
GetPropA
UpdateWindow
MonitorFromWindow

gdi32

DeleteObject
BitBlt
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps
SetTextColor
SetBkMode
SetBkColor
ExtTextOutW
CreatePen
CreateFontIndirectW
GetClipBox
ExcludeClipRect
Rectangle
StretchBlt
GetPixel
CreateFontW
GetRgnBox
RoundRect
GetTextExtentPoint32W
Ellipse
CreateDCW
SelectPalette
RealizePalette
GetDIBits
CreateDIBitmap
CreateDIBSection
ExtCreateRegion
CombineRgn
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush

advapi32

RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
GetUserNameW
BuildExplicitAccessWithNameW
DeleteAce
GetExplicitEntriesFromAclW
SetNamedSecurityInfoW
SetEntriesInAclW
GetNamedSecurityInfoW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCreateKeyExW
RegDeleteKeyW

shell32

ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoCreateInstance
OleUninitialize
CoTaskMemRealloc
OleInitialize

oleaut32

LoadTypeLi
LoadRegTypeLi
SysStringLen
VariantInit
OleCreateFontIndirect
SysAllocStringLen
VariantClear
SysFreeString
SysAllocString
VarUI4FromStr

shlwapi

PathFileExistsW
PathIsDirectoryW
SHGetValueW
SHDeleteKeyW
StrChrIW
StrStrIW
PathAppendW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

TransparentBlt

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

winhttp

WinHttpCrackUrl
WinHttpConnect
WinHttpSetOption
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpWriteData
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpOpen
WinHttpCloseHandle
WinHttpSetTimeouts

gdiplus

GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCloneImage
GdipDisposeImage
GdipDrawImageRectRect
GdipFillRectangle
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipSetCompositingQuality
GdipSetCompositingMode
GdipCreateFromHDC
GdipAlloc
GdipReleaseDC
GdipFree
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup

Sections

.text
Size: 381KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 427KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f437f5b983c99e90d7a4a17b994ef32a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

wtsapi32

winhttp

gdiplus

Sections

.text Size: 381KB - Virtual size: 380KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 15KB - Virtual size: 23KB

.rsrc Size: 427KB - Virtual size: 428KB

.text
Size: 381KB - Virtual size: 380KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 15KB - Virtual size: 23KB

.rsrc
Size: 427KB - Virtual size: 428KB