3fef81bff3cde89ac2e251ae0fe7d292de9b57b0ee1b4fb82e68cf6cb76ad073

Sharing

Copy URL Twitter E-mail

General

Target

3fef81bff3cde89ac2e251ae0fe7d292de9b57b0ee1b4fb82e68cf6cb76ad073
Size

989KB
MD5

0b797b9b3fec3f33293dc4e0802ba270
SHA1

84d3b225a6a7bb603796691dd877e515d14e5b7c
SHA256

3fef81bff3cde89ac2e251ae0fe7d292de9b57b0ee1b4fb82e68cf6cb76ad073
SHA512

3f4eee82ef51db06f7bd9f24ac2fa4c3f1b44746759a3556d48dba1ec94c5ffc5351fc28bd6c587d5e909b861fbf5a2c02c7063feb655998d7143d53c8c1327a
SSDEEP

24576:0M2gLjr7huuuiapCS33LmUo6BznAiBGOlS0Ibh:m27huua337NnAaNIbh

Score

N/A

Malware Config

Signatures

Files

3fef81bff3cde89ac2e251ae0fe7d292de9b57b0ee1b4fb82e68cf6cb76ad073
.exe windows x86

a092f6d2d98d831275d7b5fce2f26265

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
WriteFile
lstrlenA
MoveFileW
MoveFileExW
GetVersion
FreeLibrary
GetProcAddress
CreateThread
GetFileSize
GetFullPathNameW
FindNextFileW
LoadLibraryW
GetStdHandle
WriteConsoleW
SetUnhandledExceptionFilter
GetThreadSelectorEntry
CreateFileA
SetFilePointer
ReadProcessMemory
VirtualQuery
GetCurrentThread
GetModuleFileNameA
VirtualQueryEx
SetEvent
CreateEventW
lstrcpynW
GetLogicalDrives
GetDriveTypeW
DeviceIoControl
MapViewOfFileEx
OpenMutexW
GetCPInfo
IsDBCSLeadByte
CreateDirectoryW
GetFileSizeEx
SetEndOfFile
GetCurrentDirectoryW
GetFileType
GetACP
ReleaseMutex
FileTimeToSystemTime
FindClose
TerminateThread
IsBadReadPtr
OutputDebugStringW
ResetEvent
FindFirstFileW
CompareStringW
CompareStringA
GetDriveTypeA
GetLocaleInfoW
SetStdHandle
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
SetHandleCount
FlushFileBuffers
HeapCreate
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetModuleHandleA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoA
GetCommandLineA
FileTimeToLocalFileTime
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetThreadLocale
GetLocaleInfoA
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
CopyFileW
GetFileAttributesW
SetFileAttributesW
MultiByteToWideChar
GetModuleFileNameW
MulDiv
GlobalLock
GlobalUnlock
lstrcmpW
RaiseException
GetLastError
OpenFileMappingW
SetLastError
ReadFile
GetVersionExW
InterlockedDecrement
FlushInstructionCache
Sleep
FindResourceExW
ProcessIdToSessionId
GetCurrentProcessId
LoadResource
GlobalFree
InitializeCriticalSection
LockResource
SizeofResource
CreateFileMappingW
GlobalAlloc
InterlockedIncrement
LocalFree
GetCommandLineW
GetCurrentProcess
lstrlenW
FindResourceW
DeleteCriticalSection
DeleteFileW
LeaveCriticalSection
GetTempFileNameW
GetTempPathW
CreateFileW
EnterCriticalSection
GetPrivateProfileIntW
GetCurrentThreadId
WritePrivateProfileStringW
CreateMutexW
GetPrivateProfileStringW
WideCharToMultiByte
UnmapViewOfFile
CloseHandle
GetTickCount
MapViewOfFile
SystemTimeToFileTime
GetLocalTime
SetEnvironmentVariableA

user32

GetDesktopWindow
GetPropW
ShowWindow
SetForegroundWindow
DestroyIcon
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
IsWindow
GetWindow
DrawTextW
OpenInputDesktop
GetUserObjectInformationW
CloseDesktop
GetThreadDesktop
GetWindowTextW
GetGUIThreadInfo
SetWindowRgn
GetWindowThreadProcessId
LoadBitmapW
SetCursor
LoadImageW
GetMonitorInfoW
MonitorFromPoint
GetCursorPos
DrawIconEx
PtInRect
SetWindowLongW
AdjustWindowRectEx
GetMenu
DrawEdge
InflateRect
GetSystemMetrics
CreateAcceleratorTableW
InvalidateRgn
CharNextW
SetFocus
GetFocus
UnregisterClassA
CreateDialogParamW
CallWindowProcW
CreateWindowExW
IsChild
GetSysColor
GetClassNameW
ReleaseCapture
SetCapture
GetKeyState
GetAsyncKeyState
SetWindowPos
EndPaint
FillRect
GetWindowLongW
ReleaseDC
MoveWindow
BeginPaint
GetDC
DestroyWindow
ScreenToClient
DefWindowProcW
RegisterClassExW
GetParent
GetClassInfoExW
RedrawWindow
ClientToScreen
TrackMouseEvent
UnregisterClassW
UpdateLayeredWindow
IsWindowEnabled
DrawFocusRect
MessageBoxW
GetDlgCtrlID
UpdateWindow
GetCapture
EnableMenuItem
SystemParametersInfoW
GetSystemMenu
PostQuitMessage
SetTimer
EnableWindow
PostMessageW
IsWindowVisible
SetWindowTextW
KillTimer
IsDialogMessageW
GetWindowRect
LoadCursorW
InvalidateRect
DestroyAcceleratorTable
GetDlgItem
SendMessageW
GetClientRect

gdi32

SetBkMode
SetTextColor
CreateFontW
StretchBlt
BitBlt
CreateDIBSection
CreateFontIndirectW
PatBlt
Rectangle
DeleteDC
GetStockObject
GetObjectW
CreateCompatibleBitmap
CreateSolidBrush
DeleteObject
CreateRoundRectRgn
GetDeviceCaps
SelectObject
CreateCompatibleDC

advapi32

RegCreateKeyExW
ConvertSidToStringSidW
LookupAccountNameW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
IsTextUnicode
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetSecurityInfo
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyW

shell32

Shell_NotifyIconW
SHFileOperationW
SHGetFolderPathW
ShellExecuteExW
ShellExecuteW
SHCreateDirectoryExW
SHGetSpecialFolderPathW

ole32

CoTaskMemFree
StgOpenStorageOnILockBytes
StgCreateDocfile
CreateILockBytesOnHGlobal
StgOpenStorage
CoUninitialize
StringFromGUID2
CoCreateGuid
CLSIDFromString
CoTaskMemAlloc
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
CoCreateInstance
OleUninitialize
CoInitialize
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoInitializeEx
CoFreeLibrary
CoLoadLibrary
OleInitialize
CLSIDFromProgID

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SysAllocString
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringLen
VariantInit
SysAllocStringByteLen

shlwapi

PathFileExistsW
wnsprintfW

comctl32

_TrackMouseEvent
ImageList_Create
ImageList_Draw
ImageList_ReplaceIcon
ImageList_Destroy
ord17
ImageList_GetIconSize

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

wininet

InternetQueryOptionA

ws2_32

shutdown
sendto
recv
send
WSAAsyncGetHostByName
connect
WSAAsyncSelect
setsockopt
inet_addr
inet_ntoa
htonl
closesocket
WSACancelAsyncRequest
WSAGetLastError
WSACleanup
ntohs
htons
ntohl
WSAStartup
socket
gethostbyname

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

netapi32

Netbios
NetApiBufferFree
NetWkstaTransportEnum

Sections

.text
Size: 636KB - Virtual size: 633KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a092f6d2d98d831275d7b5fce2f26265

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

wtsapi32

wininet

ws2_32

version

netapi32

Sections

.text Size: 636KB - Virtual size: 633KB

.rdata Size: 144KB - Virtual size: 141KB

.data Size: 48KB - Virtual size: 66KB

.rsrc Size: 152KB - Virtual size: 152KB

.text
Size: 636KB - Virtual size: 633KB

.rdata
Size: 144KB - Virtual size: 141KB

.data
Size: 48KB - Virtual size: 66KB

.rsrc
Size: 152KB - Virtual size: 152KB